CISA and NSA Offer MFA and SSO Guidelines for Developers, Vendors
Developers and tech vendors need to improve multifactor authentication (MFA) and single sign-on (SSO) tools and make them easier for organizations to use to reduce the threat of phishing, password spraying, and similar cyberattacks, according to the nation’s largest cybersecurity agencies. The Cybersecurity and Infrastructure Security Agency (CISA) and National ... Read More
Qakbot Hackers Delivering Ransomware Despite FBI Takedown
The raid two months ago that shut down the infrastructure of the notorious Qakbot malware group doesn’t seem to have been the kill shot that the FBI and other law enforcement agencies had hoped. The gang’s operators have been running a campaign since early August – before the August 29 ... Read More
Two Campaigns Drop Malicious Packages into NPM
The popular NPM code registry continues to be a target of bad actors looking to sneak their malicious packages into open-source code used by software developers. Researchers with Fortinet’s FortiGuard Labs this week said they found almost three dozen malicious packages in the registry that contain scripts that make them ... Read More
AWS’ MadPot Honeypot Operation Corrals Threat Actors
Engineers with Amazon Web Services more than a decade ago began developing tools to better collect intelligence on the cyberthreats coming into the giant cloud provider’s IT environment Fast forward to now, and AWS’s sophisticated suite of tools – called MadPot – comprises myriad monitoring sensors and automated response features ... Read More
Threat Groups Accelerating the Use of Dual Ransomware Attacks
Ransomware groups are shrinking the time between attacks on the same victim, sometimes targeting the same company twice within 48 hours using different malware variants, according to the FBI. In a notice late last month, the agency noted that since June, bad actors have been seen accelerating their efforts in ... Read More
Network Security Firm IronNet Ends Operations, Plans for Bankruptcy
IronNet, the once high-flying network security vendor founded in 2014 by a former U.S. intelligence agency official, is shutting down operations after almost two years of financial struggles. The company, whose money problems began to emerge last year and which in early September furloughed almost all of its workers and ... Read More
CISA Rolls Out a HBOM Framework to Secure Hardware Components
The federal government for the past few years has focused on protecting the software supply chain in the wake of such high-profile incidents as the SolarWinds hack in 2020 and the Log4j vulnerability a year later. A key part of that has been software bills-of-materials (SBOMs), an inventory of the ... Read More
Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data
Meta, Google, and giant tax preparer H&R Block are being accused of conspiring to illegally use spyware from the tech giants to collect and share tax return information from hundreds of taxpayers that could be used to generate targeted online ads. The three companies – along with Google parent Alphabet ... Read More
US: China’s BlackTech Group Hacks Cisco Firmware in Cyberattacks
A China-linked threat group has been manipulating routers from Cisco and possibly other vendors to establish and maintain a presence in the networks of U.S. and East Asian multinational companies and quietly move from international subsidiaries into corporate headquarters. The state-sponsored BlackTech group – also known as Palmerworm, Temp.Overboard, Circuit ... Read More
ZenRAT Targets Windows Users with Fake Bitwarden Site
Hackers are using a bogus download page for Bitwarden’s password manager solution to target Windows users with a new remote access trojan (RAT) that’s designed to steal credentials and a range of information about the compromised system. Threat intelligence researchers with cybersecurity firm Proofpoint are still sorting through all aspects ... Read More
