Cyber Defense Advisors

News

Mass Email Extortion Campaign Claims Server Hack

Threat actors claim they’ll destroy victims’ reputation if they don’t pay

Cyber News, Cyber Threat Trends

Stories from the SOC: Fortinet authentication bypass observed in the wild

Executive summary: Fortinet’s newest vulnerability, CVE-2022-40684, allowing for authentication bypass to manipulate admin SSH keys, unauthorized downloading of configuration files, and creation of super admin accounts, has put a big target on the backs of unpatched and exposed Fortinet devices. An AT&T Managed Extended Detection and Response (MXDR) customer was involved in a true positive […]

Cyber News, Cyber Threat Trends

Ukrainian CERT Discloses New Data-Wiping Campaign

Somnia malware hijacks Telegram and VPN accounts

Cyber News, Cyber Threat Trends

UK Shoppers Lost £15m+ to Scammers Last Winter

Cyber experts urge consumers to improve online safety

Cyber News, Cyber Threat Trends
  • November 14, 2022

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks

A newly discovered evasive malware leverages the Secure Shell (SSH) cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service (DDoS) attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team (SIRT), the Golang-based malware has been found targeting a variety of companies ranging from gaming to

Cyber News, Cyber Threat Trends
  • November 14, 2022

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

A recently discovered cyber espionage group dubbed Worok has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor’s infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that’s used to facilitate information theft. “What is noteworthy is data collection from […]

Cyber News, Cyber Threat Trends
  • November 13, 2022

How to Fix CloudFormation

ACM.110 CloudFormation is an amazing concept but it needs a little TLC. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In the last post we looked at adding a policy to our VPC Endpoint that provides access to CloudFormation via a private network (i.e. without traversing the Internet.) Add a Policy […]

Cyber News, Cyber Threat Trends
  • November 12, 2022

Add a Policy to an AWS VPC Endpoint

ACM.109 Combining IAM and network controls to improve cloud security defenses. This is a continuation of my series of posts on Automating Cybersecurity Metrics. In a prior post we created an AWS VPC Endpoint to use with CloudFormation. VPC Endpoint for CloudFormation Then we validated that the traffic traverses a private route. Validating VPC Endpoint Connections Occur […]

Cyber News, Cyber Threat Trends

Security challenges facing SMBs – Week in security with Tony Anscombe

New ESET report shows how ever-growing threats impact SMB sentiment and why many SMBs are underprepared to defend against attacks. The post Security challenges facing SMBs – Week in security with Tony Anscombe appeared first on WeLiveSecurity.

Cyber News, Cyber Threat Trends