Author: nlqip
Mar 13, 2024The Hacker NewsSaaS Security / Webinar Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any…
Read More
Well, here’s a shocker. Incognito Market, a darknet platform connecting sellers of narcotics to potential buyers, has turned out to be not entirely trustworthy. Drug vendors and buyers alike are being extorted. They are being threatened that their supposedly secure (and in some cases supposedly deleted) private chats will be made public unless they give…
Read More
Mar 13, 2024NewsroomPhishing Attack / Threat Intelligence A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,”…
Read More
Streaming company Roku has revealed that over 15,000 customers’ accounts were hacked using stolen login credentials from unrelated data breaches. In data breach notices to the Attorneys General for Maine and California, Roku said hackers accessed the accounts of 15,363 US residents in a campaign that lasted from December 28, 2023, to February 21, 2024.…
Read More
Configuring alerts The primary reason to have a modern SIEM is for sophisticated real-time monitoring of your systems. But that has little value unless a human is monitoring the system for alerts or notifications (in the form of emails, text messages, or push notifications to mobile devices). The problem with alerts and notifications, as any…
Read More
Mar 13, 2024NewsroomPatch Tuesday / Software Update Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is…
Read More
Critical Infrastructure What cyberthreats could wreak havoc on elections this year and how worried should we as voters be about the integrity of our voting systems? 12 Mar 2024 • , 4 min. read This year, billions of people will go to the polls to decide their next political leaders. From India to the US,…
Read MoreApply the stable channel update provided by Adobe to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-027 DATE(S) ISSUED: 03/12/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or…
Read More
There’s no shortage of cybersecurity tools for today’s Security Operations Centers (SOCs). As it turns out, however, that’s part of the problem in addressing the overwhelming task of monitoring, detecting, and responding to potential threats. This is the hangover from layered security strategies that have evolved as computer environments expanded from mainframes to encompass client-server…
Read More