Month: May 2024
An international law enforcement operation codenamed ‘Operation Endgame’ has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in…
May 30, 2024 | Newsroom | Credential Stuffing / Incident Response. Okta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. “We observed that the endpoints used to support the cross-origin authentication feature being attacked via credential stuffing for a number of our customers,” the Identity…
Effective security awareness training: The emphasis here should probably be on effective. That’s because, according to Arctic Wolf, 88% of companies worldwide already have some form of IT security training in place, and another 10% are in the process of introducing such a program within the next 12 months. But not all security awareness training programs are equal.…
Microsoft Defender for Cloud Apps: Microsoft Defender for Cloud Apps is a full-featured CASB focused on protection for SaaS applications. It includes shadow IT discovery, visibility into cloud app usage, protection against app-based threats, information protection, and compliance assessments. Advanced capabilities include SaaS security posture management (SSPM), which enables security teams to improve the organization’s…
Hundreds of cybersecurity professionals, analysts and decision-makers came together earlier this month for ESET World 2024, a conference that showcased the company’s vision and technological advancements and featured a number of insightful talks about the latest trends in cybersecurity and beyond. The topics ran the gamut, but it’s safe to say that the subjects that…
Apply appropriate patches provided by Fortinet to vulnerable systems immediately after appropriate testing. (M1051: Update Software)
o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
o Safeguard 7.4: Perform…
Cybercriminals are abusing Stack Overflow in an interesting approach to spreading malware—answering users’ questions by promoting a malicious PyPI package that installs Windows information-stealing malware. Sonatype researcher Ax Sharma (and a writer at BleepingComputer) discovered this new PyPI package is part of a previously known ‘Cool package’ campaign, named after a string in the package’s metadata,…
Microsoft has released the May 2024 non-security preview update for Windows 11 versions 22H2 and 23H2, which includes 32 fixes and changes. Among this cumulative update’s highlights, Microsoft mentions fixing an issue causing the Windows File Explorer to freeze when swiping from the screen edge after turning off edge swiping and a second bug fix…
Microsoft has released the optional KB5037849 Preview cumulative update for Windows 10 22H2 with nine fixes or changes. This release is primarily a maintenance release, fixing numerous bugs causing crashes or network connection issues. However, Microsoft released two new enterprise features and improved Chinese fonts and input. This cumulative update preview allows Windows admins and…