News
News (2850)
Thursday, 22 June 2023 09:26
Flaw in MS Azure AD OAuth Could Allow for Complete Account Take Over
Written by Sean Kalinich
Microsoft’s Azure AD, the cloud-based flavor of the on-premises service is an interesting construct. On the surface you think that it has some decent protections enabled by default. The sad truth of the matter is that this is not the…
Read 667 times
Published in
News
Monday, 19 June 2023 14:04
New Info Stealer Malware, Mystic Stealer, can Target an Impressive 40 Web Browsers
Written by Sean Kalinich
There is nothing like hearing about a new information stealer on a Monday. In this case the malware in question goes by the name of Mystic Stealer and was first pushed onto the world in April of 2023. It boasts…
Read 633 times
Published in
News
Monday, 19 June 2023 11:19
Fragments of a New Sophisticated macOS Toolkit found in the Wild
Written by Sean Kalinich
As I have often said, the idea that an operating system, or brand of computer is somehow immune to attack or malware is just a false one. We have seen time and time again where attackers are all too capable…
Read 477 times
Published in
News
Monday, 19 June 2023 10:12
Microsoft Says June Azure Outages Caused by Coordinated DDoS Attack
Written by Sean Kalinich
According to a statement that Microsoft released on Friday, several outrages in their Azure environment were caused by a large-scale Distributed Denial of Service attack. The attack began in early June 2023 when “surges in traffic” began causing availability impacts.…
Read 760 times
Published in
News
Friday, 16 June 2023 13:15
DNS over HTTPS Tunneling Found in New Linux Backdoor from ChamelGang
Written by Sean Kalinich
There is a new threat in town from the ChamelGang. This new threat is a Linux backdoor that just been identified and shows that the threat group is expanding their capabilities. Identified by Stairwell and dubber ChamelDoH (for DNS over…
Read 725 times
Published in
News
Friday, 16 June 2023 10:41
Russian National Magomedovich Astamirov Arrested in Arizona Suspected of being a LockBit Affiliate
Written by Sean Kalinich
A 20-year-old Russian National Magomedovich Astamirov was arrested in Arizona and had his initial appearance in court yesterday. The arrest and charges come after a lengthy investigation into the Ransomware as a Service Group, LockBit. This is the second arrest…
Read 896 times
Published in
News
Friday, 16 June 2023 09:46
The MOVEit Saga continues, More Flaws found and Cl0p Begins to Extort Victims
Written by Sean Kalinich
Here we are with another story about MOVEit and just how bad things have gotten for the Managed File Transfer application and their parent company Progress Software. The group behind the attack, Cl0p ransomware gang, has started to extort the…
Read 572 times
Published in
News
Thursday, 15 June 2023 12:59
Microsoft Reveals new GRU Related Threat Group with Low Success Rate
Written by Sean Kalinich
On Wednesday Microsoft’s threat group unveiled information about a new Russian Threat Group with ties to the GRU. As part of the announcement, they also noted that the group has a low success rate and poor operational security. The group,…
Read 416 times
Published in
News
Thursday, 15 June 2023 11:38
Hygiene Matters as Abandoned S3 Buckets Used in New Supply Chain Attack
Written by Sean Kalinich
If there is one thing you can say about modern threat groups, it is that they are clever. The new tactics and techniques they identify, and implement are impressive. A recent technique identified is the use of abandoned S3 buckets.…
Read 698 times
Published in
News
Monday, 12 June 2023 13:53
Fortinet Pre-Authentication RCE flaw Found in SSL VPN Function
Written by Sean Kalinich
The last couple of months have been rather busy with the identification of critical vulnerabilities. Multiple Zero-Days were found in different pieces of software including Remote Code Execution, data modification and theft, and complete compromise of other devices that require…
Read 770 times
Published in
News
Monday, 12 June 2023 12:34
MOVIEit is having a Very Bad Week as more Flaw Found after Security Audit
Written by Sean Kalinich
MOVEit has been in the news quite a bit lately. First it was the disclosure of a Zero-Day that was actively being exploited since October 2022. Next up was the fact that the group exploiting the flaw was probably tinkering…
Read 653 times
Published in
News
Friday, 09 June 2023 14:59
Just When you Thought it was Safe to go Back to the Bank, Microsoft Finds Banking Attacks Targeting Financial Institutions
Written by Sean Kalinich
Although Banking, Mortgage, and other financial institutions are always under attack, it is never a good thing to see a coordinated campaign targeting them. Microsoft has disclosed once such campaign using Attacker (Adversary, Man)-in -the-Middle tactics for phishing and BEC…
Read 542 times
Published in
News
Friday, 09 June 2023 11:18
MOVEit Zero-Day May Have Been Known by Threat Groups Since 2021
Written by Sean Kalinich
In today’s episode of why we need to change how we do things; it has come to light that the critical MOVEit zero-day that allowed complete control over targeted file transfer platforms may have been identified by the Cl0p ransomware…
Read 878 times
Published in
News
Thursday, 08 June 2023 16:03
Bring on the Ransomware Beta Test as Royal Begins Seems to be testing a New Encryptor called BlackSuit
Written by Sean Kalinich
The fine folks at the Royal ransomware group have begun testing a new flavor of encryptor that is being called BlackSuit (The hat was already taken). First identified in January of this year (2023), Royal is believed to be Conti…
Read 1203 times
Published in
News
Thursday, 08 June 2023 15:12
Google and Microsoft Share a Zero Day as both Chrome and Edge get Patch Now Guidance.
Written by Sean Kalinich
Google has pushed out a new patch for Chrome to deal with a zero-day vulnerability tracked as CVE-2023-3079. In the patch release Google is clear that this vulnerability is actively being exploited in the wild and that users of both…
Read 1125 times
Published in
News
Thursday, 08 June 2023 12:33
Barracuda Email Security Gateway Appliances that were Exploited due to Zero-Day Must Be Replaced, not Patched
Written by Sean Kalinich
After the disclosure of a serious Zero-Day that allowed an unauthenticated user to basically own the device. Barracuda is now saying that remediation action for any device that was compromised is a full replacement regardless of the firmware version. It…
Read 592 times
Published in
News
Page 2 of 179