Cloud Attacks Are Bypassing MFA, Feds Warn
CISA has issued an alert warning that cloud services at U.S. organizations are being actively and successfully targeted.
Source: Threat Post –
[...]
attacks
Catch the Unknown Cyber-Attacks with Threat Hunting
The “reactive trend” of Cyberthreat monitoring is a very essential issue since it demonstrates that most organizations don’t hunt until the event is
[...]
DoJ's Microsoft 365 Email Accounts Compromised in SolarWinds Attacks
Three percent of email accounts were breached, the Department of Justice reports.
Source: Dark Reading – Threat Intelligence – DoJ’s Microsoft 365
[...]
FBI warns of Swatting Attacks Targeting smart home devices with voice and video Capabilities
The Federal Bureau of Investigation (FBI) issued a notice, to warn users of smart home devices with cameras and voice capabilities to use
[...]
Third-Party APIs: How to Prevent Enumeration Attacks
Jason Kent, hacker-in-residence at Cequence, walks through online-retail card fraud and what to do about it.
Source: Threat Post – Web Security
[...]
NSA Warns of Cloud Attacks on Authentication Mechanisms
The US National Security Agency (NSA) published a security advisory, warning about two techniques abused by threat actors for escalating attacks from local
[...]
FBI Warns of DoppelPaymer Attacks on Critical Infrastructure
The operators behind DoppelPaymer have begun calling victims to pressure them into paying ransom, officials say.
Source: Dark Reading – Threat Intelligence
[...]
'SocGholish' Attack Framework Powers Surge in Drive-By Attacks
Menlo Labs research team says framework’s social engineering toolkit helps criminals impersonate software updates.
Source: Dark Reading – Threat Intelligence – ‘SocGholish’
[...]
PgMiner Botnet Attacks PostgreSQL Databases to Install a Cryptocurrency Miner
Unit 42 researchers at Paloalto discovered a cryptocurrency mining botnet named “PGMiner”. It is a Linux based cryptocurrency botnet that exploits a disputed
[...]
Defending the Intelligent Edge from Evolving Attacks
Fortinet’s Aamir Lakhani discusses best practices for securing company data against next-gen threats, like edge access trojans (EATs).
Source: Threat Post –
[...]