BlazeStealer Malware Found in Python Packages on PyPI
In a recent security revelation, a series of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developer systems. Uncovered by Checkmarx, these seemingly benign packages harbor a malware named BlazeStealer.
Researchers Expose Covert Crypto Mining on Azure Automation
Cybersecurity experts have uncovered the first fully undetectable cloud-based cryptocurrency miner that uses the Microsoft Azure Automation service. SafeBreach, a prominent player in the cybersecurity landscape, identified three distinct methods for executing the miner, one of which operates stealthily within a victim’s environment without raising any alarms.
High-Severity SLP Vulnerability Actively Exploited: CISA Issues Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical vulnerability in the Service Location Protocol (SLP), elevating it to the Known Exploited Vulnerabilities (KEV) catalog due to confirmed instances of active exploitation.
Tufin’s Advanced Visibility and Policy Automation Help Enterprises to Optimize SASE
Tufin Orchestration Suite Enhances Network Visibility Tools, Incorporates Audit and Compliance Tools, and Adds Support for Palo Alto Prisma, Cisco Viptela, Check Point Quantum, VMware NSX-T on AWS, and More.
ObjCShellz: New macOS Malware Linked to North Korea’s BlueNoroff
A new strain of macOS malware, named ObjCShellz, has been discovered. This malware is believed to be linked to the North Korea-affiliated group, BlueNoroff, known for its financial crimes and attacks on the banking and crypto sectors.
How to Choose the Best Cloud Security Posture Management Tools
Cloud security posture management tools go beyond mere surveillance; they provide a comprehensive view of workloads, offering contextual insights that enable organizations to prioritize vulnerabilities and issues effectively. As noted by Charlie Winckless, Senior Director Analyst at Gartner, these tools empower companies to discern the real risks, prioritize important ones, and strategically address security concerns.
Farnetwork’s Ransomware-as-a-Service Business Model Exposed
Singapore-based cybersecurity firm Group-IB successfully uncovered the identity of a prolific threat actor known as Farnetwork. This individual has left a digital trail across five distinct ransomware-as-a-service (RaaS) programs over the past four years. Group-IB attempted to infiltrate a private RaaS program utilizing the Nokoyawa ransomware strain.
Security Breach at Okta Traced Back to Worker’s Personal Google Account
After recently disclosing a security compromise, Okta, the cloud-based identity and authentication management provider, revealed that an unidentified threat actor had infiltrated files belonging to 134 customers. The breach occurred when an employee signed in to a personal Google profile using the Chrome browser on an Okta-managed laptop.
SideCopy Exploits WinRAR Vulnerability in Targeted Campaigns on Indian Government
In recent developments, the Pakistan-linked threat actor, SideCopy, has strategically exploited a WinRAR security vulnerability to target Indian government entities. This campaign involves the deployment of remote access trojans (RATs), including AllaKore RAT, Ares RAT, and DRat. SEQRITE, an enterprise security firm, has identified the attack as multi-platform, extending its reach to Linux systems with a compatible version of Ares RAT.
Critical Vulnerabilities Identified in Veeam ONE IT Monitoring Software
Veeam, a leading player in IT monitoring and analytics, has rolled out security updates targeting four vulnerabilities within its ONE platform, with two of them carrying a critical severity rating.
Ransomware Threat Actors Exploit Atlassian and Apache Flaws
In recent developments, various ransomware groups are exploiting vulnerabilities in Atlassian Confluence and Apache ActiveMQ. The cybersecurity watchdog, Rapid7, has reported the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments.
Zscaler ThreatLabz Finds a 400% Increase in IoT and OT Malware Attacks Year-over-Year
Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report Uncovers Manufacturing and Education Sectors Targeted the Most, with Education Realizing a Nearly 1000% Increase in IoT Malware Attacks.