The suspected Conti offshoot group’s latest attacks display new tactics and a new file encryptor variant — and have included quick use of the recent VMware ESXi authentication bypass flaw.
Attackers collected Amazon Web Services keys and access tokens to various cloud services from environment variables insecurely stored in tens of thousands of web applications.
APT42 has combined capabilities from previous malware scripts into a single new trojan written in PowerShell that is likely part of a larger campaign against Israeli and US targets.
Build artifacts generated by GitHub Actions often contain access tokens that can be abused by attackers to push malicious code into projects or compromise cloud infrastructure.
Customers of Oracle subsidiary NetSuite’s ERP offering may be unaware that their custom record types grant unauthenticated access to sensitive data readily consumable via NetSuite’s APIs.
Microsoft’s August Patch Tuesday covered 10 zero-day flaws, of which six are being exploited in the wild and four are publicly disclosed.
More and more hacker groups, including state-sponsored ones, are using freely available cloud services as a platform for their attacks.
Security researchers estimate the ‘Sinkclose’ vulnerability affects ‘hundreds of millions of laptops, desktops, and servers,’ allowing attackers to execute malicious code in the most privileged execution mode on a computer.