In Q1 2024, Check Point Research (CPR) witnessed a notable increase in the average number of cyber attacks per organization per week, reaching 1308. This marked a 5% increase from Q1 2023 and a 28% increase from the last quarter…
Category: EN
XZ backdoor story – Initial analysis
Kaspersky analysis of the backdoor recently found in XZ, which is used in many popular Linux distributions and in OpenSSH server process. This article has been indexed from Securelist Read the original article: XZ backdoor story – Initial analysis
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks’ firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised. “Palo Alto Networks is…
Cado Security teams up with Wiz to accelerate forensic investigations and minimize cloud threats
Cado Security has uveiled its partnership with Wiz and joins Wiz Integration (WIN) Platform. Cado Security enhances WIN by bringing the power of the Cado Security platform to the partner ecosystem so that Wiz customers can seamlessly integrate Cado into…
Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive concerning a breach in Microsoft’s corporate email system. The directive, ED 24-02, outlines the urgent steps required to mitigate the risks posed by Midnight Blizzard, a nation-state-sponsored cyber…
Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats
Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud. The new innovations as part of Cortex XSIAM for Cloud bolster the Palo Alto Networks Cortex XSIAM platform to natively deliver Cloud Detection and…
YouTube being used by hackers to spread Malware
When you’re casually browsing through YouTube channels and encounter a tempting link in the description, think twice before clicking. There’s a rising trend where these links can lead unsuspecting users straight into the jaws of malware. As the demand for…
Safeguarding Your Data: Strategies to Mitigate AI-Related Security Risks
In an age where data is king, the proliferation of artificial intelligence (AI) brings both promise and peril to the security of sensitive information. As AI systems become increasingly integrated into various aspects of our lives, from smart home devices…
French issue alerte rouge after local governments knocked offline by cyber attack
Embarrassing, as its officials are in the US to discuss Olympics cyber threats Several French municipal governments’ services have been knocked offline following a “large-scale cyber attack” on their shared servers.… This article has been indexed from The Register –…
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
Cybersecurity researchers have discovered a credit card skimmer that’s concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress…
Building a Live SIFT USB with Persistence, (Fri, Apr 12th)
The SIFT Workstation[1] is a well-known Linux distribution oriented to forensics and incident response tasks. It is used in many SANS training as the default platform. This is also my preferred solution for my day-to-day DFIR activities. The distribution is…
CISA: Russian Hackers Stole Emails Between U.S. Agencies and Microsoft
Russian state-sponsored hackers who broke into Microsoft’s corporate email accounts during the monthslong hack stole email messages between the enterprise software giant and a number of U.S. federal agencies, adding to an ongoing series of revelations about the attack. The…
Apple stops warning of ‘state-sponsored’ attacks, now alerts about ‘mercenary spyware’
Report claims India’s government, which is accused of using Pegasus at home, was displeased Apple has made a significant change to the wording of its threat notifications, opting not to attribute attacks to a specific source or perpetrator, but categorizing…
Strategies to cultivate collaboration between NetOps and SecOps
In this Help Net Security interview, Debby Briggs, CISO at Netscout, discusses breaking down silos between NetOps and SecOps. Practical steps include scheduling strategy meetings, understanding communication preferences, and fostering team collaboration. With evolving cloud models, collaboration and clear role…
U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt for signs of compromise and enact preventive measures following the recent compromise of Microsoft’s systems that led to the…
The next wave of mobile threats
According to McAfee, apps, whether for communication, productivity, or gaming, are among the biggest threats to mobile security. Technavio expects the global mobile security software market to grow by $2.75 billion between 2020 and 2025, expanding at a CAGR of…
Why women struggle in the cybersecurity industry
The workplace experiences of women in cybersecurity are dramatically worse than men across virtually every category, according to a WiCyS and Aleria survey. Previous studies have illustrated that the representation of women in cybersecurity is much lower than it should…
NIPS Troubleshooting Steps for No Log
NIPS aims to accurately monitor abnormal network traffic, automatically blocking various types of aggressive traffic in real-time, particularly application layer threats. It aims to take proactive measures instead of merely providing alerts at the time of or after detecting malicious…
New infosec products of the week: April 12, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Akamai, Bitdefender, Siemens, Veriato, and Index Engines. SINEC Security Guard identifies vulnerable production assets The SINEC Security Guard offers automated vulnerability mapping and security management…
ISC Stormcast For Friday, April 12th, 2024 https://isc.sans.edu/podcastdetail/8936, (Fri, Apr 12th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Friday, April 12th, 2024…