Amazon Stymies APT29 Credential Theft Campaign
A group linked to Russian intelligence services redirected victims to fake Cloudflare verification pages and exploited Microsoft’s device code authentication flow.
-
-
WordPress Woes Continue Amid ClickFix Attacks, TDS Threats
Vulnerable and malicious plug-ins are giving threat actors the ability to compromise WordPress sites and use them as a springboard to a variety of cyber threats and scams.
-
Zscaler, Palo Alto Networks Breached via Salesloft Drift
Two major security firms suffered downstream compromises as part of a large-scale supply chain attack involving Salesloft Drift, a marketing SaaS application from Salesforce.
-
Jaguar Land Rover Shuts Down in Scramble to Secure ‘Cyber Incident’
The luxury automaker said its retail and production activities have been “severely disrupted.”
-
Lazarus Group Expands Malware Arsenal With PondRAT, ThemeForestRAT, and RemotePE
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a social engineering campaign that distributes three different pieces of cross-platform malware called PondRAT, ThemeForestRAT, and RemotePE. The attack, observed by NCC Group’s Fox-IT in 2024, targeted an organization in the decentralized finance (DeFi) sector, ultimately leading to the compromise of…
-
Researchers Warn of MystRodX Backdoor Using DNS and ICMP Triggers for Stealthy Control
Cybersecurity researchers have disclosed a stealthy new backdoor called MystRodX that comes with a variety of features to capture sensitive data from compromised systems. “MystRodX is a typical backdoor implemented in C++, supporting features like file management, port forwarding, reverse shell, and socket management,” QiAnXin XLab said in a report published last week. “Compared to…
-
Hackers Are Sophisticated & Impatient — That Can Be Good
You can’t negotiate with hackers from a place of fear — but you can turn their urgency against them with the right playbook, people, and preparation.
-
NIST Enhances Security Controls for Improved Patching
The US National Institute of Standards and Technology released Security and Privacy Control version 5.2.0 to help organizations be more proactive regarding patching.
-
JSON Config File Leaks Azure ActiveDirectory Credentials
In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments.
-
Shadow AI Discovery: A Critical Part of Enterprise AI Governance
The Harsh Truths of AI Adoption MITs State of AI in Business report revealed that while 40% of organizations have purchased enterprise LLM subscriptions, over 90% of employees are actively using AI tools in their daily work. Similarly, research from Harmonic Security found that 45.4% of sensitive AI interactions are coming from personal email accounts,…