Cybersecurity

TA422’s Dedicated Exploitation Loop—the Same Week After Week  | Proofpoint US

December 05, 2023 Greg Lesnewich, Crista Giering and the Proofpoint Threat Research Team Key takeaways  Since March 2023, Proofpoint researchers have observed regular TA422 (APT28) phishing activity, in which the threat actor leveraged patched vulnerabilities to send, at times, high-volume campaigns to targets in Europe and North America.  TA422 used the vulnerabilities as initial access […]

Cybersecurity

CISA performance goals program trims exploited CVEs

Dive Brief: The Cybersecurity and Infrastructure Security Agency said it is making progress toward reducing security risk since the October 2022 release of its cybersecurity performance goals program, the agency said Tuesday.  Since the release of the CPG program, organizations enrolled in the agency’s vulnerability scanning service have reduced their average number of known exploited […]

Cybersecurity

Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

Dec 06, 2023NewsroomAccess Management / Cloud Security Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks. The service enables threat actors to impersonate user identities and roles in cloud environments, Red Canary researchers Thomas Gardner and Cody Betsworth said […]