Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was discovered by Mandiant, who was investigating a recent exposure of Amazon Web Services (AWS) secrets that threat actors used to gain access to AWS. Although the issue was discovered in the context of an investigation, it illustrates how data previously…

The arrival of new AI-powered capabilities and technologies such as XDR has the potential to enable faster detection of threats than was previously possible, according to executives from both companies. Cisco and Palo Alto Networks may have an intensifying rivalry in the market for security operations tools, but executives from both companies agree on this:…

Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide. Network defenders should never configure such devices to allow remote connections from systems outside the local network. By taking them offline, they can drastically reduce their organizations’ attack surface. This…

May 21, 2024NewsroomVulnerability / Software Development GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections. Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication. “On instances that use…

Memcyco Inc., provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Website Impersonation Scams report. Notably, Memcyco’s research indicates that the majority of companies do not have adequate solutions to counter digital impersonation fraud, and that most only learn about attacks from…

US businesses are believed to have recruited thousands of North Korean IT workers, sending earnings (and potentially data) to North Korea. This week, an American woman named Christina Marie Chapman was arrested in Arizona. She is accused of being part of an elaborate scheme that generated almost US $7 million in funds for North Korea,…

Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally —…

Despite being one of the top SIEM tools for years, IBM QRadar is ‘basically surrendering—in the transition to the cloud—to another vendor,’ a Forrester analyst tells me. The deal was announced the same day as another surprise move in the market, in a sign of the fading fortunes of traditional SIEM vendors. If last week’s…

Paul Raffile was in national security and corporate threat assessment before (almost) running human exploitation investigations for a major social media company (therein lies this week’s tale). He talked with us about this “silent epidemic” and vanishing job offers. In this week’s Tinfoil Swan, we reiterate the need for “no-shame” conversations about what we do…

“We’re going to have a big refresh moment,” Microsoft VP Mark Linton tells CRN in an interview. Copilot+ PCs, which Microsoft bills as “the fastest, most intelligent Windows PCs ever built,” carry a massive partner opportunity as Windows 10 end of support spurs customers into looking at buying new devices. “We’re going to have a…
