This Week in Cybersecurity – Nov 06 – Nov 10

Written by Andrew Doyle

November 11, 2023

BlazeStealer Malware Found in Python Packages on PyPI

In a recent security revelation, a series of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developer systems. Uncovered by Checkmarx, these seemingly benign packages harbor a malware named BlazeStealer.

Researchers Expose Covert Crypto Mining on Azure Automation

Cybersecurity experts have uncovered the first fully undetectable cloud-based cryptocurrency miner that uses the Microsoft Azure Automation service. SafeBreach, a prominent player in the cybersecurity landscape, identified three distinct methods for executing the miner, one of which operates stealthily within a victim’s environment without raising any alarms.

High-Severity SLP Vulnerability Actively Exploited: CISA Issues Warning

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical vulnerability in the Service Location Protocol (SLP), elevating it to the Known Exploited Vulnerabilities (KEV) catalog due to confirmed instances of active exploitation.

Tufin’s Advanced Visibility and Policy Automation Help Enterprises to Optimize SASE

Tufin Orchestration Suite Enhances Network Visibility Tools, Incorporates Audit and Compliance Tools, and Adds Support for Palo Alto Prisma, Cisco Viptela, Check Point Quantum, VMware NSX-T on AWS, and More.

ObjCShellz: New macOS Malware Linked to North Korea’s BlueNoroff

A new strain of macOS malware, named ObjCShellz, has been discovered. This malware is believed to be linked to the North Korea-affiliated group, BlueNoroff, known for its financial crimes and attacks on the banking and crypto sectors.

How to Choose the Best Cloud Security Posture Management Tools

Cloud security posture management tools go beyond mere surveillance; they provide a comprehensive view of workloads, offering contextual insights that enable organizations to prioritize vulnerabilities and issues effectively. As noted by Charlie Winckless, Senior Director Analyst at Gartner, these tools empower companies to discern the real risks, prioritize important ones, and strategically address security concerns.

Farnetwork’s Ransomware-as-a-Service Business Model Exposed

Singapore-based cybersecurity firm Group-IB successfully uncovered the identity of a prolific threat actor known as Farnetwork. This individual has left a digital trail across five distinct ransomware-as-a-service (RaaS) programs over the past four years. Group-IB attempted to infiltrate a private RaaS program utilizing the Nokoyawa ransomware strain.

Security Breach at Okta Traced Back to Worker’s Personal Google Account

After recently disclosing a security compromise, Okta, the cloud-based identity and authentication management provider, revealed that an unidentified threat actor had infiltrated files belonging to 134 customers. The breach occurred when an employee signed in to a personal Google profile using the Chrome browser on an Okta-managed laptop.

SideCopy Exploits WinRAR Vulnerability in Targeted Campaigns on Indian Government

In recent developments, the Pakistan-linked threat actor, SideCopy, has strategically exploited a WinRAR security vulnerability to target Indian government entities. This campaign involves the deployment of remote access trojans (RATs), including AllaKore RAT, Ares RAT, and DRat. SEQRITE, an enterprise security firm, has identified the attack as multi-platform, extending its reach to Linux systems with a compatible version of Ares RAT.

Critical Vulnerabilities Identified in Veeam ONE IT Monitoring Software

Veeam, a leading player in IT monitoring and analytics, has rolled out security updates targeting four vulnerabilities within its ONE platform, with two of them carrying a critical severity rating.

Ransomware Threat Actors Exploit Atlassian and Apache Flaws

In recent developments, various ransomware groups are exploiting vulnerabilities in Atlassian Confluence and Apache ActiveMQ. The cybersecurity watchdog, Rapid7, has reported the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments.

Zscaler ThreatLabz Finds a 400% Increase in IoT and OT Malware Attacks Year-over-Year

Zscaler ThreatLabz 2023 Enterprise IoT and OT Threat Report Uncovers Manufacturing and Education Sectors Targeted the Most, with Education Realizing a Nearly 1000% Increase in IoT Malware Attacks.
