Understanding the Growing Risks of Employee-Led SaaS Adoption As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams face a daunting challenge. They must manage the ever-expanding Software as a Service (SaaS) attack surface, much of which remains unknown or unmanaged. This situation greatly…
Federal prosecutors in the United States have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire. This botnet has been responsible for an astonishing 35,000 DDoS attacks in just one year. Notably, some of these attacks targeted widely used services like Microsoft in June 2023. The brothers allegedly leveraged a powerful…
Critical Security Flaw in Kubernetes Image Builder A severe security flaw has been identified in the Kubernetes Image Builder. This vulnerability, classified as CVE-2024-9486, could potentially allow attackers to gain root access to the system under specific conditions. The CVSS score of this vulnerability is an alarming 9.8, indicating its high severity. The maintainers of…
Threat Actors Misusing EDRSilencer Tool to Evade Detection Threat actors are increasingly attempting to exploit the open-source EDRSilencer tool to tamper with endpoint detection and response (EDR) solutions. This alarming trend highlights the evolving nature of cyberattacks, where attackers repurpose legitimate tools for malicious purposes. Recently, Trend Micro reported that "threat actors are attempting to…
FIDO Alliance’s Efforts for Credential Interoperability The FIDO Alliance is making significant strides to improve credential provider interoperability. With over 12 billion online accounts accessible through passwordless sign-in methods, simplifying the export of passkeys and other credentials across different providers is crucial. This initiative will enhance user experience and security by allowing seamless transitions between…
Understanding the ScarCruft Threat Actor and RokRAT Malware ScarCruft is a North Korean threat actor notorious for its cyberattack strategies. Recently, they have been linked to the exploitation of a serious zero-day vulnerability in Windows. This vulnerability, known as CVE-2024-38178, has a CVSS score of 7.5 and is classified as a memory corruption bug. It…
The Rise of Cybercriminals Using AI Artificial intelligence (AI) is changing how we interact with technology. Unfortunately, this also opens doors for cybercriminals who leverage AI and exploit its vulnerabilities. In this post, we will explore how these cybercriminals operate and the threats they pose to systems, users, and even other AI applications. How Cybercriminals…
Understanding the Current Cyber Threat Landscape To defend your organization against cyber threats, it’s essential to grasp the current threat landscape fully. Being aware of new and ongoing threats will guide your efforts effectively. One key approach involves gathering cyber threat intelligence. This blog post explores five techniques to enhance your threat investigations, focusing particularly…
New Spear-Phishing Campaign Targets Brazil with Astaroth Banking Malware A new spear-phishing campaign has emerged in Brazil, delivering a dangerous banking malware known as Astaroth, also referred to as Guildma. This campaign uses obfuscated JavaScript to bypass security measures, raising alarm among security experts. According to Trend Micro, the impact of this spear-phishing campaign affects…
CISA Warns of Critical Vulnerability in SolarWinds Web Help Desk The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently highlighted a severe security flaw within SolarWinds Web Help Desk (WHD) software. Tracked as CVE-2024-28987, this vulnerability has a high CVSS score of 9.1. Alarmingly, there are signs of active exploitation, making it crucial for organizations…