Microsoft Embraces “Lost and Found” in Cybersecurity: The Abandoned URL Case Summary of Main Points A case of privilege escalation has been discovered linked to a Microsoft Entra ID application The cybersecurity flaw was due to an abandoned reply URL that could be exploited by attackers An attacker could utilize this URL to redirect authorization
Read More
– Developers targeted in software supply chain attacks. – Malicious packages discovered on Rust programming language’s crate registry. – Libraries uploaded between August 14 and 16, 2023. – Published by a user named “amaperf.” – Names of the packages are not disclosed, as they have been taken down. A New Twist in Cyber Crime –
Read More
Cyber Attacks: Web Applications’ Biggest Nightmare • Rising Trend of Cyber Attacks on E-commerce Platforms With e-commerce becoming the new shop around the corner, businesses are finding more omnichannel ways to sell. But just like a “for sale” sign tempts shoplifters, this digital evolution is attracting some invisible threats, aka the cyber-attackers. Seems like these
Read More
An Updated KmsdBot Botnet Malware Targets IoT Devices An updated version of KmsdBot botnet malware is now aiming at vulnerable Internet of Things (IoT) devices, extending both its functionality and its scope of attack. Security analyst Larry W. Cashdollar at Akamai revealed in a recent analysis that the malware now incorporates support for Telnet scanning
Read More
When LockBit 3.0 Ransomware Takes a Twist Main Points The unintentional release of the LockBit 3.0 ransomware builder has resulted in its gross misuse by cyber villains who are developing new variants. Russian cybersecurity firm Kaspersky has unearthed an instance of ransomware that used a variant of LockBit but had an incredibly unique ransom request
Read More
Risky Scheme Hits Kroll Due to SIM Swapping Saga Here are the most important points about this tech hiccup: – On August 19, 2023, Kroll, a risk and financial advisory solutions provider, announced that one of its employees had been victimized by a “highly sophisticated” SIM swapping attack. – The attack targeted the employee’s T-Mobile
Read More
– Two U.K. teenagers have been convicted for being part of the LAPSUS$ hacking gang. – They were responsible for high-profile hacks and demands of ransom. – The teenagers, Arthur Kurtaj and an unnamed minor, were accused of stealing data from big tech firms. The Cyber Kiddos A pair of U.K. whizz kids, more accurately
Read More
Co-Piloting Your Data Safety with AI and ML: A Case of Comcast Main Points Business data is more than just numbers but can be used for profit and enhanced AI and Machine Learning (ML) threat detection. Companies like Comcast are effectively using their business data for AI and ML threat detection. Every business recognizes its
Read More
Dealing with the Inescapable Tech Debt and Cyber Threats – Every established company, except for the brand-new startups, typically has accrued some level of tech debt due to successive solutions implemented under different leadership over time. – Aging technologies can make your organization prone to cyber threats. – Replacing old tech can be expensive but
Read More
**Main Points:** – The FBI has issued a warning regarding Barracuda Networks Email Security Gateway (ESG) appliances. – Despite recent patches for a critical security flaw, these machines are still at risk of compromise from suspected Chinese hacking groups. – The Bureau brands the fix as “ineffective”, noting ongoing intrusions and considering all affected Barracuda
Read MoreNo products in the cart.