Sumo Logic reported a security breach on November 3, 2023, due to a compromised credential that allowed unauthorized AWS account access.

In a recently released Cybersecurity Advisory, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) highlighted the most common cybersecurity misconfigurations in large organizations identified through blue team and red team assessments. The advisory stated that these misconfigurations illustrate systemic weakness in many large organizations, including those with mature cyber postures.

Our friends at BlackBerry recently released an in-depth blog post on a campaign by threat actors targeting online payment businesses that discusses what happens from initial compromise to the skimmer scripts themselves. You can read their blog here. This blog is focused on what we found across the AT&T Cybersecurity customer base as we looked for the indicators of compromise (IOCs) identified in the BlackBerry blog and on the quick-follow up analysis we performed and provided to our customers.

In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) moving forward. As a CISO, it’s my job to ensure that KnowBe4's information systems and data, including our customer’s data, remain protected from any and all cyber attacks. The state of any organization’s cybersecurity rests with the CISO (if they have one).

OpenAI has suffered a successful DDoS attack following the first-ever DevDay—where OpenAI announced ChatGPT-4 Turbo and the GPT Store. OpenAI’s ChatGPT launch was nearly a year ago and has since become the mainstream solution for AI tasks. The software hosts a hearty 180.5 million users, many of whom use the software for professional tasks. The DDoS attack is alarming, not because it happened, but because of who claims the event—Russian-backed Anonymous Sudan.

This week, a variety of cyberattacks and victims have appeared. The pilot union Allied Pilots Association (APA), representing American Airlines pilots, disclosed a ransomware attack early in the week. An active ransomware attack unfolded by Tuesday, targeting LEGO fanatic website BrickLink. Sand LifeStyle members also had exposed data following a breach in Singapore’s Marina Bay Sands resort network.

In a recent official advisory, the FBI warned about the threat of callback phishing (among other threats). Below is the relevant excerpt. If you are not familiar with callback phishing, it is usually a phishing email that arrives into a user’s email inbox, containing some sort of usual phishing message requiring the user’s urgent response. But unlike traditional email phishing, it does not contain a URL linked to a malicious site or content.