Detecting Targeted Attacks on Public Cloud Services with Cisco Secure Cloud Analytics
The Public Cloud and Security Responsibility: Across many businesses, leveraging services offered and hosted by public cloud providers such as AWS proves to be extremely advantageous for improving operational efficiency, cost savings, scaling, and security. For AWS customers, Lambda functions are a great example of this advantage in providing a useful way to execute …
attacks
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
The U.S. Treasury Department has implicated the North Korea-backed Lazarus Group (aka Hidden Cobra) in the theft of $540 million from video game Axie Infinity's Ronin Network last month. On Thursday, the Treasury tied the Ethereum wallet address that received the stolen funds to the threat actor and sanctioned the funds by adding the address to the Office of Foreign Assets …
15-Year-Old Bug in PEAR PHP Repository Could’ve Enabled Supply Chain Attacks
A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would …
Russian Hackers Target Ukrainians, European Allies via Phishing Attacks
A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia's invasion of Ukraine. Google's Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group Fancy Bear (aka APT28) – which is attributed to Russia's …
Hackers Abuse Mitel Devices to Amplify DDoS Attacks by 4 Billion Times
Threat actors have been observed abusing a high-impact reflection/amplification method to stage sustained distributed denial-of-service (DDoS) attacks for up to 14 hours with a record-breaking amplification ratio of 4,294,967,296 to 1. The attack vector – dubbed TP240PhoneHome (CVE-2022-26143) – has been weaponized to launch significant DDoS attacks targeting broadband access …
The Easy Solution for Stopping Modern Attacks
Modern cyberattacks are multifaceted, leveraging different tools and techniques and targeting multiple entry points. As noted in the CrowdStrike 2022 Global Threat Report, 62% of modern attacks do not use traditional malware and 80% of attacks use identity-based techniques, meaning that attacks target not only endpoints, but also cloud and identity layers with techniques that …
HermeticRansom used as a smokescreen for wiper attacks
Our researchers analyzed the HermeticRansom malware, also known as Elections GoRansom. By and large, this is a fairly simple cryptor. What is interesting in this case is the purpose for which attackers are using it. HermeticRansom goals: HermeticRansom attacked computers at the same time as another malware known as HermeticWiper, and based on publicly available information from …
CrowdStrike Protects from Wiper Malware Used in Ukraine Attacks
On Feb. 23, 2022, a new wiper malware was reported targeting Ukraine systems. The wiper destroys files on infected Windows devices by corrupting specific elements of connected hard drives. CrowdStrike Intelligence refers to this destructive malware as DriveSlayer. DriveSlayer is the second recent destructive malware targeting Ukraine, following WhisperGate. The CrowdStrike Falcon® …
Researchers Link ShadowPad Malware Attacks to Chinese Ministry and PLA
Cybersecurity researchers have detailed the inner workings of ShadowPad, a sophisticated and modular backdoor that has been adopted by a growing number of Chinese threat groups in recent years, while also linking it to the country's civilian and military intelligence agencies. "ShadowPad is decrypted in memory using a custom decryption algorithm," researchers from Secureworks …
CISA, FBI, NSA Issue Advisory on Severe Increase in Ransomware Attacks
Cybersecurity authorities from Australia, the U.K., and the U.S. have published a joint advisory warning of an increase in sophisticated, high-impact ransomware attacks targeting critical infrastructure organizations across the world in 2021. The incidents singled out a broad range of sectors, including defense, emergency services, agriculture, government facilities, IT, …