BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in
L’art de protéger les secrets : 8 concepts essentiels pour les ingénieurs en sécurité
Les professionnels de la sécurité sont censés gérer cette liste sans cesse croissante de clés, de certificats et autres jetons sensibles avec la même fluidité et les mêmes garanties de sécurité, quelle que soit l’ampleur des opérations. Le problème est que la gestion des secrets reste un défi majeur pour les organisations.
Cyberattaques : la SEC impose un signalement aux entreprises cotées en Bourse
Le régulateur financier américain (SEC) adopte de nouvelles règles pour obliger les sociétés cotées en bourse à divulguer les incidents de cybersécurité en seulement quatre jours.
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs […]
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an « extremely severe » flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as CVE-2023-38646, the issue impacts open-source editions prior to 0.46.6.1 and Metabase Enterprise
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads
A new malvertising campaign has been observed leveraging ads on Google Search and Bing to target users seeking IT tools like AnyDesk, Cisco AnyConnect VPN, and WinSCP, and trick them into downloading trojanized installers with an aim to breach enterprise networks and likely carry out future ransomware attacks. Dubbed Nitrogen, the « opportunistic » activity is designed to […]
The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left
As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development. Placing […]
Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining
Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai […]
Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason
A city court in Moscow on Wednesday convicted Group-IB co-founder and CEO Ilya Sachkov of « high treason » and jailed him for 14 years in a « strict regime colony » over accusations of passing information to foreign spies. « The court found Sachkov guilty under Article 275 of the Russian Criminal Code (high treason) sentencing him to 14 […]
New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyber attack within four days of identifying that it has a « material » impact on their finances, marking a major shift in how computer breaches are disclosed. « Whether a company loses a factory in […]