Cybersecurity

New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion

Mar 01, 2024NewsroomLinux / Cyber Threat Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. “This latest version of Bifrost aims to bypass security measures and compromise targeted systems,” Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth […]

Cybersecurity

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

Feb 29, 2024NewsroomThreat Intelligence / Cyber Threat Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against applications configured to […]

Cybersecurity

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, and attempted to maintain persistent access […]

Cybersecurity

Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management

Feb 28, 2024The Hacker NewsZero Trust / Cyber Threat Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 […]

Cybersecurity

Russian-Aligned Network Doppelgänger Targets German Elections

A joint effort by SentinelLabs and ClearSky Cyber Security has uncovered a significant propaganda and disinformation campaign, possibly orchestrated by the Russia-aligned influence operation network called Doppelgänger. The campaign, which began in late November 2023, initially targeted Ukrainian affairs but has since expanded its scope to include the US, Israel, France and Germany. In Germany, Doppelgänger […]

Cybersecurity

Notorious Bumblebee Malware Re-emerges with New Attack Methods

Bumblebee malware has re-emerged following a four-month absence from the cyber threat landscape, according to Proofpoint research. The new campaign, observed in February 2024, used a “significantly different” attack chain compared to previous Bumblebee infiltrations. The return of Bumblebee coincides with the reappearance of several notorious threat actors at the start of 2024 following a […]

Cybersecurity

Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures

Feb 13, 2024NewsroomVulnerability / Cyber Threat Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of […]

Cybersecurity

National cyber director urges private sector collaboration to counter nation-state cyber threat

National Cyber Director Harry Coker this week reiterated prior warnings that hackers linked to the People’s Republic of China are actively working to gain access to critical infrastructure in the U.S. to potentially launch malicious attacks. Coker, in his first major speech in Washington since he was confirmed in December, said the state-linked threat actors […]