Cyber Defense Advisors

Year: 2022

Watchfinder warns customers that hackers stole their data

Luxury pre-owned watch website Watchfinder has warned its user base that their personal data has been accessed after an employee’s account was broken into and a customer list accessed.

Cyber News

Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

The advisory suggests Zinc has targeted media, defense and aerospace, and IT services.


Cyber Attacks Against Middle East Governments Hide Malware in Windows logo

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom’s Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks under the name Witchetty, which is also known as LookingFrog, a subgroup operating under […]


Automated Creation of NACLS on AWS

ACM.66: Why you should use Subnet NACLs even if you already use security groups, and how to create them. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the past few posts we automated the creation of public and private VPCs, route tables and subnets. In this post, we’ll apply network […]


Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI

Onyxia, an AI-powered cybersecurity strategy and performance platform providing a centralized way for security teams to monitor and manage cybersecurity efforts in real time, has raised $5 million in seed fundraising led by World Trade Ventures with participation by Silvertech Ventures and angel investors.


URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”

Double-play 0-day in Exchange – what you need to know, and what you can do


North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks

A “highly operational, destructive, and sophisticated nation-state activity group” with ties to North Korea has been weaponizing open source software in their social engineering campaigns aimed at companies around the world since June 2022. Microsoft’s threat intelligence teams, alongside LinkedIn Threat Prevention and Defense, attributed the intrusions with high confidence to Zinc, which is


Why Organisations Need Both EDR and NDR for Complete Network Protection

Endpoint devices like desktops, laptops, and mobile phones enable users to connect to enterprise networks and use their resources for their day-to-day work. However, they also expand the attack surface and make the organisation vulnerable to malicious cyberattacks and data breaches.

Why Modern Organisations Need EDR

According to the 2020 global risk report by Ponemon Institute, smartphones,


New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons

A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. “The payload discovered is a leaked version of a Cobalt Strike beacon,” Cisco Talos researchers Chetan Raghuprasad and Vanja Svajcer said in a new analysis published Wednesday. “The beacon configuration contains
