Uncovering (and Understanding) the Hidden Risks of SaaS Apps – post by LinkCyb
Recent data breaches across CircleCI, LastPass, and Okta underscore a common theme: The enterprise SaaS stacks connected to these industry-leading apps can be at serious risk for compromise. CircleCI, for example, plays an integral, SaaS-to-SaaS role for SaaS app development. Similarly, tens of thousands of organizations rely on Okta and LastPass security roles for SaaS […]
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies – post by LinkCyb
Apr 19, 2023 | Ravie Lakshmanan | Linux / Malware | The Pakistan-based advanced persistent threat (APT) actor known as Transparent Tribe used a two-factor authentication (2FA) tool used by Indian government agencies as a ruse to deliver a new Linux backdoor called Poseidon. “Poseidon is a second-stage payload malware associated with Transparent Tribe,” Uptycs security researcher Tejaswini Sandapolla said […]
How ChatGPT—and Bots Like It—Can Spread Malware – post by LinkCyb
However, these protections aren’t too difficult to get around: ChatGPT can certainly code, and it can certainly compose emails. Even if it doesn’t know it’s writing malware, it can be prompted into producing something like it. There are already signs that cybercriminals are working to get around the safety measures that have been put in […]
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage – post by LinkCyb
Apr 19, 2023 | Ravie Lakshmanan | Network Security / Cyber Espionage | U.K. and U.S. cybersecurity and intelligence agencies have warned of Russian nation-state actors exploiting now-patched flaws in networking equipment from Cisco to conduct reconnaissance and deploy malware against select targets. The intrusions, per the authorities, took place in 2021 and targeted a small number of entities in […]
Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems – post by LinkCyb
Apr 19, 2023 | Ravie Lakshmanan | Cyber Threat / SCADA | An Iranian government-backed actor known as Mint Sandstorm has been linked to attacks aimed at critical infrastructure in the U.S. between late 2021 and mid-2022. “This Mint Sandstorm subgroup is technically and operationally mature, capable of developing bespoke tooling and quickly weaponizing N-day vulnerabilities, and has demonstrated agility […]
Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution – post by LinkCyb
Apr 19, 2023 | Ravie Lakshmanan | Sandbox / Software Security | A fresh round of patches has been made available for the vm2 JavaScript library to address two critical flaws that could be exploited to break out of sandbox protections and achieve code execution. Both the flaws – CVE-2023-29199 and CVE-2023-30547 – are rated 9.8 out of 10 on […]
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader – post by LinkCyb
Apr 18, 2023 | Ravie Lakshmanan | Threat Intelligence / Cyber Risk | Cybersecurity researchers have detailed the inner workings of a highly evasive loader named “in2al5d p3in4er” (read: invalid printer) that’s used to deliver the Aurora information stealer malware. “The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations using advanced anti-VM (virtual machine) technique,” […]
When will AI be integrated into cyber security? – post by LinkCyb
ChatGPT, a machine learning (ML)-powered chatbot, is rapidly growing across all sectors. The app’s developer, OpenAI, reported that it gained one million users in just five days. The app has now been visited over two billion times, according to research by Similarweb. This being said, concerns have been raised about the use of the intelligent […]
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads – post by LinkCyb
Apr 18, 2023 | Ravie Lakshmanan | Mobile Security / Hacking | A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60 legitimate apps that collectively have over 100 million downloads. An additional eight million installations have been tracked through ONE store, a leading third-party app storefront in South […]
DFIR via XDR: How to expedite your investigations with a DFIRent approach – post by LinkCyb
Rapid technological evolution requires security that is resilient, up to date and adaptable. In this article, we will cover the transformation in the field of DFIR (digital forensics and incident response) in the last couple of years, focusing on the digital forensics aspect and how XDR fits into the picture. Before we dive into the details, […]