5 Steps to Boost Detection and Response in a Multi-Layered Cloud

The Importance of Detection and Response (DR) in Cloud Security

The link between detection and response (DR) practices and cloud security has often been undervalued. As global organizations increasingly adopt cloud environments, security strategies have primarily focused on “shift-left” practices. These practices involve securing code, ensuring proper cloud posture, and fixing misconfigurations. While these steps…

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

Security Flaws in Ivanti Cloud Service Appliance

Recent reports have highlighted alarming news about a suspected nation-state adversary actively weaponizing three significant security flaws in the Ivanti Cloud Service Appliance (CSA). According to Fortinet FortiGuard Labs, these vulnerabilities have been exploited to carry out malicious actions. Notably, a zero-day vulnerability has allowed unauthorized access to…

Critical Veeam Vulnerability Exposed: Protect Your Data from Akira and Fog Ransomware

Active Threats Targeting Veeam Backup & Replication

Threat actors are actively attempting to exploit a recently patched security flaw in Veeam Backup & Replication. This flaw, identified as CVE-2024-40711, has garnered the attention of cybersecurity experts. According to research conducted by Sophos, hackers have been leveraging this vulnerability to deploy Akira and Fog ransomware. Understanding…

FBI Unveils Operation Crypto Sting: Exposing Market Manipulation

Operation Token Mirrors: Major Fraud Investigation Targets Digital Asset Manipulation

The U.S. Department of Justice (DoJ) has revealed significant arrests and charges against various individuals and entities. These actions are linked to alleged manipulation of digital asset markets, as part of a widespread fraud operation known as Operation Token Mirrors. This law enforcement initiative comes…

Maximizing IT Security: How to Combat Phishing Attacks Using GitHub, Telegram Bots, and QR Codes

New Malware Campaign Targets Insurance and Finance Sectors

A new tax-themed malware campaign is gaining traction among cybercriminals, specifically targeting the insurance and finance sectors. Threat actors are leveraging GitHub links in phishing emails to bypass security measures and deliver Remcos Remote Access Trojan (RAT). This indicates a shift in tactics, making it essential for…

Hybrid Password Attacks: The Ultimate Guide to Defend Against Them

Threat actors constantly evolve their strategies to bypass cybersecurity measures. They develop innovative tactics to steal user credentials, one of which is hybrid password attacks. These attacks blend various cracking techniques, making them more powerful and harder to defend against. In this post, we’ll dive into hybrid attacks, unpacking their methods and implications. What Are…

CISA Alert: Threat Actors Targeting F5 BIG-IP Cookies for Network Reconnaissance

CISA Warns of Threat Actors Exploiting Unencrypted Cookies

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about cyber threats linked to unencrypted persistent cookies. These cookies are being managed by the F5 BIG-IP Local Traffic Manager (LTM) module. This issue allows attackers to conduct reconnaissance on targeted networks. Attackers can exploit…

Critical GitLab Vulnerability Unleashes Arbitrary CI/CD Pipeline Execution Potential

GitLab Security Updates: Critical Vulnerability Addressed

GitLab has recently released important security updates for its Community Edition (CE) and Enterprise Edition (EE). These updates are crucial as they address eight security flaws, including a critical vulnerability that could potentially allow attackers to run Continuous Integration and Continuous Delivery (CI/CD) pipelines on arbitrary branches. This vulnerability…
