GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform – Article by Linkcyb Team
Apr 21, 2023Ravie LakshmananCloud Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat actors to conceal an unremovable, malicious application inside a victim’s Google account. Dubbed GhostToken by Israeli cybersecurity startup Astrix Security, the shortcoming impacts all Google accounts, including enterprise-focused […]
14 Kubernetes and Cloud Security Challenges and How to Solve Them – Article by Linkcyb Team
Recently, Andrew Martin, founder and CEO of ControlPlane, released a report entitled Cloud Native and Kubernetes Security Predictions 2023. These predictions underscore the rapidly evolving landscape of Kubernetes and cloud security, emphasizing the need for organizations to stay informed and adopt comprehensive security solutions to protect their digital assets. In response, Uptycs, the first unified […]
Elon Musk Targeted By Anonymous Sudan – Article by Linkcyb Team
Anonymous Sudan has claimed to attack Twitter, demanding to bring Starlink to Sudan. Sharing a screenshot of the Twitter website displaying the “This page is down” message on their Telegram channel, the group stated that through this attack, they are sending a message to Elon Musk to bring Starlink in Sudan. Several Twitter users reported […]
The War on Passwords Enters a Chaotic New Phase – post by LinkCyb
There was never a question that it would take years to transition the world away from passwords. The digital authentication technology, though deeply flawed, is pervasive and inveterate. Over the last five years, though, the secure-authentication industry association known as the FIDO Alliance has been making real progress promoting “passkeys,” a password-less alternative for signing […]
Did you mistakenly sell your network access? – Week in security with Tony Anscombe
Many routers that are offered for resale contain sensitive corporate information and allow third-party connections to corporate networks Did you mistakenly sell access to your network when you sold a decommissioned router? Recently, ESET researchers purchased several used core routers to set up a test environment, only to find that, in many cases, the previously […]
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX – Article by Linkcyb Team
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a “software […]
Indian Cyber Mafia Targeting Indonesia Triggers Reactions – Article by Linkcyb Team
A new group of hackers, which calls itself the ‘Indian Cyber Mafia’, has allegedly launched cyberattacks on Indonesian universities. This was in retaliation to hacking by Indonesian groups on Indian entities, a post by the Indian Cyber Mafia on the dark web stated. Cybersecurity researcher and analyst Dominic Alvieri confirmed with The Cyber Express that […]
Can you really have fun with FORTRAN? – Naked Security – Article by Linkcyb Team
DOUG. Juicejacking, public psychotherapy, and Fun with FORTRAN. All that and more on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am Doug Aamoth; he is Paul Ducklin. Paul, how do you do today, Sir? DUCK. I’m very well, Douglas. I’m intrigued by your phrase “Fun with FORTRAN”. Now, I do know FORTRAN […]
The Huge 3CX Breach Was Actually 2 Linked Supply Chain Attacks – post by LinkCyb
The cybersecurity industry has scrambled in recent weeks to understand the origins and fallout of the breach of 3CX, a VoIP provider whose software was corrupted by North Korea–linked hackers in a supply chain attack that seeded out malware to potentially hundreds of thousands of its customers. Cybersecurity firm Mandiant now has an answer to […]
Members of congress affected by data breach – Article by Linkcyb Team
DC Health Link, the provider of health insurance for those in the United States (US) Government, has suffered a data breach that affects over 50,000 people. The breach, which took place on March 6, saw an unauthorized party gain access to the data of 56,415 current and past customers of DC Health Link, including 585 […]