Month: April 2024
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. APT28 has been using this tool to exploit the CVE-2022-38028 vulnerability “since at least June 2020 and possibly as early as April 2019.” Redmond fixed the vulnerability reported…
Read More
Many companies and organizations around the world have issued mandatory work-from-home policies due to the COVID-19 pandemic. When companies find themselves in a situation like we are in today, going from a zero percent remote workforce to 100 percent in a matter of days, it can be daunting. What used to be safe, thanks to…
Read MoreIn the fall of 2020, many countries began to require that travelers test negative for the new coronavirus before crossing their borders. As with anything of value, a black market soon emerged. Travelers could illicitly purchase forged negative COVID-19 test results and try to fake their way through the checkpoint. Goodness knows, we’ve already seen…
Read MoreMS-ISAC ADVISORY NUMBER: 2023-138 DATE(S) ISSUED: 12/11/2023 OVERVIEW: A vulnerability has been discovered in Apache Struts 2, which could allow for remote code execution. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. Successful exploitation could allow for remote code execution in the context of underlying operating system. Depending…
Read MoreReasons for Credential Spills In some of the incidents, organizations were willing and able to disclose the reason credentials were compromised. While every incident is a little different, we’ve highlighted a few here that are particularly instructive (or just frustrating). In short, there’s no shortage of opportunity, even for unsophisticated threats. A Breach from Beyond…
Read MoreThis is the third in our series on the Department of Defense (DoD) Cybersecurity Maturity Model Certification (CMMC). Our previous articles introduced the DoD CMMC model and how to prepare for DoD CMMC audits. This final article covers how a CMMC audit is expected to play out for an assessed organization. In an American court…
Read MoreF5 Labs in collaboration with Effluxio researches global attack traffic to gain a better understanding of cyberthreat landscape. In this episode of regional threat analysis, F5 Labs researchers break down the data collected by our sensors on attacks targeting India from October 1 through December 31, 2020. Cyberattacks happen in many forms, but it usually…
Read MoreIntroduction F5 Labs attack series education articles help you understand common attacks, how they work, and how to defend against them. What is a Trojan? A trojan is any type of malicious program disguised as a legitimate one. Often, they are designed to steal sensitive information (login credentials, account numbers, financial information, credit card…
Read MoreAccounting for the slight dip in 2019, password login attacks account for 32% of all reported SIRT incidents over the past three years. We also saw how they jumped in 2020, so we did a deeper dive into how these kinds of cyberattacks ramped up during the pandemic. Credential Stuffing Attacks at Financial Services Organizations…
Read MoreWhen Jean-Jacques Rousseau wrote The Social Contract in 1762, he argued that only humans possess sovereign power, and that they alone may choose which freedoms they surrender in exchange for the benefits and stability of government. Now, for the first time in more than a century, we are debating amending or rebalancing aspects of the…
Read More