AT&T Alien Labs does a tremendous job of developing and maintaining a database of observed Indicators of Compromise (IOC) that have been involved with at least one customer through the Open Threat Exchange (OTX).
During the course of 2022, SecurityScorecard has been tracking multiple DDoS campaigns that have been targeting entities within the Ukrainian government, as well as other European government targets that are perceived to be allied with Ukrainian government interests. One of the groups at the forefront of these DDoS attacks is the hacking collective known as KillNet.
Snyk recently discovered over 200 malicious packages in the npm registry. While we acknowledge that vulnerability fatigue is an issue for developers, this article is not about the typical case of typosquatting or a random malicious package. This article shares the findings on targeted attacks aimed at businesses and corporations that Snyk was able to detect, along with the resulting insights.
When relying on a 3rd-party package from a non-commercial entity, there is always the risk of lack of support, especially when it comes to outdated packages and versions. If the package stops being maintained, nobody will implement a new feature we might need or fix a newly discovered security vulnerability. Consider, for example, CVE-2019-17571, a critical remote code execution vulnerability that was never fixed in Log4j 1.x, since it was no longer supported, and was only fixed in Log4j 2.x.
Many modern businesses in almost every sector of the economy are adopting the latest technologies for greater connectivity and efficiency. However, while many of these technologies offer myriad benefits, they can also create new cybersecurity vulnerabilities. While much of the focus has remained on manufacturers and how they can bolster their cybersecurity efforts, another group of businesses also needs to improve their cybersecurity.
Content Security Policy (CSP) is a W3C standard that helps defend web applications against cross-site scripting (XSS), clickjacking, and other code injection attacks. CSP is often deployed by using an HTTP header (or, less commonly, a <meta> element) to specify which types of resources are allowed to load on your site and where those resources can come from.
Multi-factor authentication (MFA) exploits and countermeasure tooling are evolving in real time and at a rapid pace. Some threat actors aim to bypass this security feature for financial gain, while other groups seek to control the flow of information.
Read also: Conti threatens to overthrow the Costa Rican government, the US warns of risks of hiring North Korean tech workers, and more.
Spoofing attacks are on the rise. What is a spoofing attack, you ask? Essentially, it attempts to gain unauthorised access to systems, devices or networks by masquerading as a valid user. In other words, spoofing attackers try to mimic or copy the behaviour of authorised users to steal information or gain access.