US Gov Slaps Visa Restrictions on Spyware Honchos
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.
https://www.darkreading.com/cybersecurity-operations/us-gov-visa-restrictions-spyware-honchos
Russia's Fancy Bear Pummels Windows Print Spooler Bug
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.
https://www.darkreading.com/endpoint-security/russia-fancy-bear-pummels-windows-print-spooler-bug
Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs
State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who...
https://www.darkreading.com/endpoint-security/edge-vpns-firewalls-nonexistent-telemetry-apts
Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros
Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns...
ToddyCat APT Is Stealing Data on 'Industrial Scale'
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.
https://www.darkreading.com/cyber-risk/-toddycat-apt-is-stealing-data-on-an-industrial-scale-
Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar
An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials.
https://www.darkreading.com/cyberattacks-data-breaches/nespresso-domain-phish-cream-sugar
MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs
The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months.
Zero-Trust Takes Over: 63% of Orgs Implementing Globally
Though organizations are increasingly incorporating zero-trust strategies, for many, these strategies fail to address the entirety of an operation, according to Gartner.
Where Hackers Find Your Weak Spots
The five intelligence sources that power social engineering scams.
https://www.darkreading.com/vulnerabilities-threats/where-hackers-find-your-weak-spots
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.
FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat
Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said.
Miggo Launches Application Detection and Response (ADR) Solution
Multiple LastPass Users Lose Master Passwords to Ultra-Convincing Scam
CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.
UNDP, City of Copenhagen Targeted in Data-Extortion Cyberattack
A ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid.
Rethinking How You Work With Detection and Response Metrics
Airbnb's Allyn Stott recommends adding the Human Maturity Model (HMM) and the SABRE framework to complement MITRE ATT&CK to improve security metrics analysis.
AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election
Securing the presidential election requires vigilance and hardened cybersecurity defenses.
Cisco's Complex Road to Deliver on its Hypershield Promise
The tech giant tosses together a word salad of today's business drivers — AI, cloud-native, digital twins — and describes a comprehensive security strategy for the future, but can the company build th...
'MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity
Malformed DOS paths in file-naming nomenclature in Windows could be used to conceal malicious content, files, and processes.
https://www.darkreading.com/vulnerabilities-threats/magicdot-windows-weakness-unprivileged-rootkit
Cyberattack Takes Frontier Communications Offline
The local phone and business communications company said that attackers accessed unspecified PII, after infiltrating its internal networks.
https://www.darkreading.com/ics-ot-security/cyberattack-takes-frontier-communications-offline
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine.