Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

After shutting down a ‘phishing-as-a-service’ operation that impacted thousands of victims in 43 countries, INTERPOL recently noted, “Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.” Business email compromise (BEC), a type of malware-less attack that tricks recipients into transferring funds — for example — has cost victims worldwide more than $50 billion, according to the FBI.

The Trusted Information Security Assessment Exchange (TISAX) is the certification process for engaging in the Verband der Automobilindustrie (VDA), the German Association of the Automotive Industry, Information Security Assessment (ISA). The ENX Association, a collection of automobile manufacturers, suppliers, and four national automotive associations, established TISAX to create an overarching industry standard and make reporting more efficient.

This is the first of a series of posts about ways we use Tines at Tines to simplify our processes. I’m Izabela from the engineering team and will share how we improve the on-call experience with our own product. When it comes to on-call, there are differing views. For some, it comes as an easy and enjoyable task. For others, a stressful time on their calendars. At Tines, we have two types of on-call: daytime and out-of-hours.

There are three vulnerabilities impacting Ivanti Endpoint Manager Mobile (EPMM), formerly known as MobileIron Core: CVE-2023-35078 and CVE-2023-35082, which both enable authenticated bypass for unauthorized access; and CVE-2023-35081, which allows directory traversal with privilege escalation and arbitrary file write. These Ivanti EPMM vulnerabilities have been observed in active cyber attacks on systems using the affected versions.

Hello Teleport Community, Our team has just returned from Hacker Summer Camp (bSides Las Vegas, Blackhat and DEFCON). I met many customers, OSS users, hackers and security engineers at bSides. I had lots of great conversations at the bSides, and it was good to chat with both red and blue teams. This month’s newsletter is a review of some of my conversations from the week.

Cloud takeover campaign targets top-level executives, Rhysida ransomware threatens the healthcare sector, and LOLKEK ransomware continues to evolve.

On April 21st, 2023, AT&T Managed Extended Detection and Response (MXDR) investigated an attempted ransomware attack on one of our clients, a home improvement business. The investigation revealed the attacker used AuKill malware on the client's print server to disable the server's installed EDR solution, SentinelOne, by brute forcing an administrator account and downgrading a driver to a vulnerable version.

AT&T Alien Labs researchers recently discovered a massive campaign of threats delivering a proxy server application to Windows machines. A company is charging for proxy service on traffic that goes through those machines. This is a continuation of research described in our blog on Mac systems turned into proxy exit nodes by AdLoad.

From ChatGPT to DALL-E to Grammarly, there are countless ways to leverage generative AI (GenAI) to simplify everyday life. Whether you’re looking to cut down on busywork, create stunning visual content, or compose impeccable emails, GenAI’s got you covered—however, it’s vital to keep a close eye on your sensitive data at all times.

The past three months witnessed several notable changes impacting privacy obligations for businesses. Coming into the second quarter of 2023, the privacy space was poised for action. In the US, state lawmakers worked to push through comprehensive privacy legislation on an unprecedented scale, we saw a major focus on children's data and health data as areas of concern, and AI regulation took center stage as we examined the intersection of data privacy and AI growth.