Grupo Bimbo Ventures Announces Investment in NanoLock Security

Blog

By January 13, 2025

Post Content

Blog

EC2 Grouper Attack

What is the Attack?FortiGuard Labs Threat Team has observed recent attacks by a Threat Actor dubbed “EC2 Grouper” that leverages AWS tools for PowerShell to carry out cloud-based attacks. It leverages APIs to inventory EC2 types and available regions before executing further API calls iteratively. The Threat Actor is seen using techniques that enable remote…

Read More EC2 Grouper Attack
Blog

Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers

Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard

Read More Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
Blog

100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads

An unknown threat actor has been attributed to creating several malicious Chrome Browser extensions since February 2024 that masquerade as seemingly benign utilities but incorporate covert functionality to exfiltrate data, receive commands, and execute arbitrary code. “The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysis

Read More 100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
Blog

AI-Powered Presentation Tool Leveraged in Phishing Attacks

Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named “Gamma” in phishing attacks.

Read More AI-Powered Presentation Tool Leveraged in Phishing Attacks
Blog

15K Fortinet Device Configs Leaked to the Dark Web

The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully.

Read More 15K Fortinet Device Configs Leaked to the Dark Web
Blog

Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience

“A boxer derives the greatest advantage from his sparring partner…” — Epictetus, 50–135 AD Hands up. Chin tucked. Knees bent. The bell rings, and both boxers meet in the center and circle. Red throws out three jabs, feints a fourth, and—BANG—lands a right hand on Blue down the center. This wasn’t Blue’s first day and…

Read More Sparring in the Cyber Ring: Using Automated Pentesting to Build Resilience

Related