Keeping software secure has been a big topic for a long time. Microsoft came up with a plan called SD3+C in 2004, which is now called the Security Development Lifecycle. The Department of Homeland Security and Carnegie Mellon Software Engineering Institute also created a website to help software developers and security people make software that …
A recent validation error in Microsoft’s Azure Active Directory (Azure AD) source code allowed threat actor Storm-0558 to forge tokens and breach 25 organizations. The attacker reportedly acquired an inactive Microsoft account (MSA) consumer signing key, using it to access various enterprise and consumer services. The key, initially intended only for MSA accounts, was trusted …
Intricate Cyber Espionage: The Microsoft Azure Active Directory Breach Read More »
From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials …
Microsoft issues warning on BEC phishing campaign Read More »
Log4j Vulnerability Explained Vulnerability The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted computer. What is Log4j: Log4j an open source software, a logging library for Java, is widely used by businesses and web portals. Earlier this month, this open source software was in the news for its vulnerabilities. Impact Being …
SRHD Apologizes and Commits to Corrective Actions Spokane Regional Health District (SRHD) confirmed personal data may have been disclosed after the discovery of an unauthorized breach of personal health information via a phishing email, occurring on February 24, 2022.
IconBurst: NPM software supply chain attack grabs data from apps, websites ReversingLabs researchers recently discovered evidence of a widespread software supply chain Iconburst attack involving malicious Javascript packages offered via the NPM package manager. Researchers at ReversingLabs identified more than two dozen NPM packages, dating back six months, that contain obfuscated Javascript designed to steal …
IconBurst attack grabs data from multiple web apps (Supply Chain attack) Read More »
Cyber Threats in Space: The New Challenges Ahead In the last few years, a new space race has been booming among government agencies. Now private space organizations have joined the race! These agencies and organizations are now working on and off the clock to advance into the future of the space age. With the latest …
Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts HR consulting firm Robert Half has started informing customers that their personal and financial information might have been compromised (password stuffing) after hackers targeted their RobertHalf.com accounts. Information provided by the company to the Maine Attorney General shows that threat actors targeted Robert …
What is SQL Injection? SQL Injection is a web security vulnerability that allows an attack to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other data …
Over the Labor Day weekend, one of the United States’ largest school districts was hit by a cyberattack. LAUSD serves more than 600,000 students, between kindergarten and 12th grade, and employs more than 26,000 teachers at over 1,000 schools.
Are you practicing surface level security? We dig deeper to address the problem at its core.