Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The MOVEIt data breach continues to impact a number of both private and government groups across the US and Europe by exposing confidential data. With breaches like this becoming increasingly common, it can be easy to blame advanced persistent threat (APT) groups and other malicious actors; however, there is a valuable lesson to learn from the MOVEit breach: it is essential to be proactive about these threats, Not doing so may lead to a breach.

In quick succession at the end of May into mid-June, software developer Progress released three advisories that any customers using its popular managed file transfer (MFT) solution MOVEit should immediately update to the latest release. In this time, they were made aware of three critical vulnerabilities, CVE-2023-34362 on May 31, CVE-2023-35036 on June 9, and CVE-2023-35708 on June 15.

The U.S. Federal Trade Commission (FTC) has published a data spotlight outlining the most common text message scams in 2022. Below are the top five text scams reported by the FTC: Phony bank fraud prevention alerts were the most common type of text scam last year.

A researcher was alerted to a fake website containing fake quotes that appeared to be written by himself. The age of generative artificial intelligence (AI) toying with our public personas has truly arrived. As cybersecurity professionals we must ask, what are the implications of fake-news-at-scale-and-quality for individuals and organizations?

If you’re busy securing the perimeter, mandating strong authentication practices, and restricting software downloads, you may be missing the mark. (Just to be clear: if you are doing those things, keep it up. You’re off to a good start, and none of what follows here replaces classic and vital cybersecurity measures.) Protecting your organization from outside threats is foundational to any effective cybersecurity strategy.

In the early days of computer networking, the idea of restricted permissions was shunned. Network administrators could access every system in the environment. In some extreme cases, a CEO would demand full administrative access to a network, thinking that this would protect against a rogue employee. As you can imagine, this set up a point of failure beyond logic.

Chinese hackers use DNS-over-HTTPS for Linux malware communication, a new Golang-based Skuld malware strand steals Discord and browser data from Windows PCs, and a massive phishing campaign uses 6,000 sites to impersonate brands.

Netskope Threat Labs is tracking phishing campaigns targeting customers of seven different financial institutions across North, Central, and Latin America, aiming to steal their credentials to make fraudulent transactions. Attackers are abusing the Royal Web Hosting company, which provides a free web hosting plan, to host the malicious pages.

In the December of last year, we reported CVE-2022-1471 to you. This unsafe deserialization problem could easily lead to arbitrary code execution under the right circumstances. In the deep-dive blog post “Unsafe deserialization vulnerability in SnakeYaml (CVE-2022-1471)”, I explained the problems in this library and how it could be executed. The gist of the problem was that by default SnakeYaml parsed the incoming yaml to the generic object type.

The Bank of NY Mellon is one of the largest financial institutions in the world and the largest custodian bank in the world. The company is based in 35 countries, manages $1.9 Trillion in assets, and generates more than $16 Billion in annual revenue. This mammoth bank just suffered from a data breach that exposed consumer data to the public. The data taken could result in identity theft issues and more. The Emerson Law Firm is currently investigating this data breach.