Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In June 2022, Cyberint observed a new hacktivist campaign targeting multiple Israeli organizations and enterprises coordinated via different social media platforms. The campaign is led by hacktivists originating in a group called GhostSec. GhostSec was first identified in 2015 and was initially founded to attack ISIS in the cyber realm as part of the fight against Islamic extremism.

The JFrog Security research team continuously monitors popular open-source software (OSS) repositories with our automated tooling to avert potential software supply chain security threats, and reports any vulnerabilities or malicious packages discovered to repository maintainers and the wider community. At times, we notice trends that are worth analyzing and learning from.

In the early 2000s, Lockheed Martin defined the cyberattack chain framework to identify what adversaries must complete in order to achieve their objective. Today, we look at how the growing sophistication of adversaries and sheer number of threats is intensifying pressure on CISOs and IT teams and is increasing their workloads, which all has negative impacts on businesses and organizations.

Temperatures rose in June, and the threat of serious cyber attacks soared along with them. The start of summer saw revelations of major breaches in confidential medical information, a case study for changing-up hacked passwords, another round of victimization for people whose data has already been sold once before, and one high-profile threat to undermine an entire democracy. Let’s take a closer look at these troubling instances, plus one controversial effort to rein in the crimewave.

During the recent Rootedcon conference in Spain, we delivered a talk about ransomware, and this blog post serves as a commentary of the insights presented about Ransomware as a Service (RaaS): how it really works; how the threat actors operate these attacks; and how organizations can analyze the attacks and take preemptive measures in the event of future attacks.

Apple has previewed a new feature which aims to harden high-risk users from the serious threat of being spied upon by enemy states and intelligence agencies. “Lockdown Mode” is scheduled to arrive later this year with the release of Apple iOS 16 and macOS Ventura. It’s an optional feature for users who believe their computers and smartphones face a real risk of being targeted by sophisticated state-sponsored spyware.

While the attack needed for such a single-click account takeover would be complex, the research by Frans Rosén, Security Advisor at Detectify, discovered that some of the most popular consumer and business websites in the world currently are not following the OAuth specification best practices and thus are vulnerable to the attack chain. Rosén recently undertook extensive research on how OAuth tokens could be stolen.

CI/CD pipeline attacks are a growing threat to enterprise security. In this article, we’ll provide an overview of CI/CD for non-developers, discuss the cybersecurity issues involved, and offer some recommendations for developers, companies, and security teams.

Cyberattacks often target the retail sector, although many of these threats are aimed at the e-commerce channel, businesses have also reported incidents where in-store Wi-Fi access points and even IoT devices are exploited as attack vectors. This is reflected in several studies, which reveal that, together with the education sector, the fashion industry was one of the hardest hit last year and 60% of retail companies are at risk of suffering an attack.