Boost identity protection with Axiad Cloud and Microsoft Entra ID

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Passwords are a security weakness, and phishing attacks to exploit accounts protected by passwords are on the rise. The last 12 months have seen an average of more than 4,000 password attacks per second, an almost threefold increase from …

Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things

The recently published United States National Cybersecurity Strategy warns that many popular Internet of Things (IoT) devices are not sufficiently secure to protect against many of today’s common cybersecurity threats. The strategy also cautions that many of these IoT devices are difficult—or, in some cases, impossible—to patch or upgrade. A key development occurred on July …

A massive phishing campaign using QR codes targets the energy sector

A phishing campaign employing QR codes targeted a leading energy company in the US, cybersecurity firm Cofense reported. Starting from May 2023, researchers from Cofense discovered a large-scale phishing campaign using QR codes in attacks aimed at stealing the Microsoft credentials of users from multiple industries. One of the organizations targeted by hackers is a …

AI-Powered Fuzzing: Breaking the Bug Hunting Barrier

Dongge Liu, Jonathan Metzman, Oliver Chang, Google Open Source Security Team

Since 2016, OSS-Fuzz has been at the forefront of automated vulnerability discovery for open source projects. Vulnerability discovery is an important part of keeping software supply chains secure, so our team is constantly working to improve OSS-Fuzz. For the last few months, we’ve tested …

Semperis aims to ensure security in Active Directory migrations, consolidation

Companies often have extended, complex Active Directory infrastructures that have been expanded over time to encompass different domains, potentially creating security issues when they move to a new AD environment. A new AD migration and consolidation offering from identity-based cybersecurity provider Semperis is designed to tackle this problem head-on, streamlining the transition process while ensuring …

Report: PowerShell Gallery susceptible to typosquatting and other package-management attacks

Researchers are warning in a new report that PowerShell Gallery (PSGallery), the central repository for PowerShell modules and scripts, lacks package name and ownership protections that other popular registries such as npm put in place to prevent typosquatting attacks. Furthermore, the report found that it is possible to find and access PowerShell Gallery packages that …

Incident response lessons learned from the Russian attack on Viasat

On February 24, 2022, on the eve of Russia’s invasion of Ukraine, KA-band satellite provider Viasat became the first prominent victim of Russian cyber aggression when a wiper attack turned off tens of thousands of Viasat’s government and commercial broadband customers’ modems. At this year’s Black Hat and DEF CON conferences, Viasat representatives spelled out …

Introducing Cloudflare’s 2023 phishing threats report

After shutting down a ‘phishing-as-a-service’ operation that impacted thousands of victims in 43 countries, INTERPOL recently noted, “Cyberattacks such as phishing may be borderless and virtual in nature, but their impact on victims is real and devastating.” Business email compromise (BEC), a type of malware-less attack that tricks recipients into transferring funds — for example …

3 strategies that can help stop ransomware before it becomes a crisis

Over the past decade, the average value of ransoms demanded by hackers has gone from hundreds of dollars to hundreds of thousands — even into the millions in some cases. With increasingly stringent regulatory requirements and CISOs being sued for not reporting a breach, the stakes of ransomware attacks are getting ever higher. But specialists …

Two unauthenticated stack buffer overflows found in Ivanti Avalanche EMM

The Ivanti Avalanche EMM product is impacted by two buffer overflows collectively tracked as CVE-2023-32560. Tenable researchers discovered two stack-based buffer overflows, collectively tracked as CVE-2023-32560 (CVSS v3: 9.8), impacting the Ivanti Avalanche enterprise mobility management (EMM) solution. A remote, unauthenticated attacker can trigger the vulnerabilities to execute arbitrary code on vulnerable systems. The flaw affects Ivanti …

Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

A threat actor has compromised roughly 2,000 Citrix NetScaler servers by exploiting a remote code execution vulnerability tracked as CVE-2023-3519. In July, Citrix warned customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), in NetScaler Application Delivery Controller (ADC) and Gateway that is being actively exploited in the wild. The vulnerability CVE-2023-3519 (CVSS score: 9.8) is a code injection that …
