Month: August 2024
The State of Ransomware Palo Alto Networks published its semi-annual report on ransomware. From the Executive Summary: Unit 42 monitors ransomware and extortion leak sites closely to keep tabs on threat activity. We reviewed compromise announcements from 53 dedicated leak sites in the first half of 2024 and found 1,762 new posts. This averages to…
Read More
Aug 19, 2024Ravie LakshmananCloud Security / Threat Intelligence Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. “Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid credentials for the service providers,” SentinelOne security…
Read More
Ironically, the answer on updates is in large part because many enterprises have historically found CrowdStrike’s quality to be quite high. “We trusted them too far because they have been really good for too long,” Zalewski said, stressing that the decision was also made because enterprise IT was cutting back extensively. “We didn’t have the…
Read MoreAccess Denied You don’t have permission to access “http://cybersecurity.att.com/blogs/security-essentials/how-to-use-mailvelope-for-encrypted-email-on-gmail” on this server. Reference #18.e4d7ce17.1724061832.16b871f6 https://errors.edgesuite.net/18.e4d7ce17.1724061832.16b871f6 Source link lol
Read More
Aug 19, 2024Ravie LakshmananVulnerability / Zero-Day A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for…
Read More
At one time, Microsoft created a custom version of Windows 10 in order to comply with and respond to the Chinese government’s concerns. There were rumors that Microsoft was slowly moving AI researchers out of China to Canada, but it’s unclear if that is what is truly going on. Almost every device has software at…
Read More
Aug 19, 2024Ravie LakshmananCybercrime / Network Security Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7. The two clusters of potential FIN7 activity “indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia), respectively,” Team Cymru said in a report published…
Read More
Lateral movement inside AWS environments In the hands of knowledgeable hackers, leaked secrets can be very powerful and dangerous. For example, the attackers behind this operation exhibited advanced knowledge of AWS APIs.After obtaining an AWS access key the attackers used it to run a GetCallerIdentity API call to verify the identity or role assigned to…
Read More
Windows 11 Build 27686 has a few noteworthy improvements, such as 2TB support for FAT32 storage. It also improves Windows Sandbox and offers greater control over HDR settings, but there’s an undocumented change – the ability to set power mode for different power states. As shown in the screenshot below, Windows 11 will finally let you set different…
Read More
Google will redact your credit card details, passwords and other sensitive information in Chrome when you’re sharing or recording your screen on Android. Google Chrome doesn’t allow you to capture anything when used in incognito mode, but that’s not the case in regular tabs. If you’re recording or sharing your screen, you’re also leaking your…
Read More