What’s the Difference Between CSPM & SSPM? – post by LinkCyb
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding, both security solutions focus on securing data in the cloud. In a world where the terms cloud and SaaS are used interchangeably, this confusion is understandable. This confusion, though, is dangerous to organizations that need to secure
Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites – post by LinkCyb
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as Google Command and Control (GC2) amid broader abuse of Google’s infrastructure for malicious ends. The tech giant’s Threat Analysis Group (TAG) attributed the campaign to a threat actor it tracks under the geological and geographical-themed moniker HOODOO, which is
Tour of the Underground: Master the Art of Dark Web Intelligence Gathering – post by LinkCyb
The Deep, Dark Web – The Underground – is a haven for cybercriminals, teeming with tools and resources to launch attacks for financial gain, political motives, and other causes. But did you know that the underground also offers a goldmine of threat intelligence and information that can be harnessed to bolster your cyber defense strategies? […]
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration – post by LinkCyb
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under the radar and automate the process of exfiltrating data from compromised networks. “Threat actors (TAs) using built-in data exfiltration methods like [living off the land binaries and scripts] negate the need to bring in external tools that might […]
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers – post by LinkCyb
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging service as a command-and-control (C2). “Zaraza bot targets a large number of web browsers and is being actively distributed on a Russian Telegram hacker channel popular with threat actors,” cybersecurity company Uptycs said in a report published last week. “Once the
Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability – post by LinkCyb
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis […]
Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities – post by LinkCyb
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland’s Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as
Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen – post by LinkCyb
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company’s MyBB forum database containing user data and private messages. What’s more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. “MyBB admin logs show the account of a trusted but currently
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation – post by LinkCyb
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below – CVE-2023-20963 (CVSS score: 7.8) – Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) – Novi Survey Insecure Deserialization Vulnerability
Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice – post by LinkCyb
In today’s fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers’ cyber resilience. The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs […]