Why SOC 2 Compliance Is a Matter of (Zero) Trust
SaaS solutions are now so entwined in business users’ daily routines that they seem to meld into one experience — or simply put, “the way I work.” Yet the reality is there are many disparate cloud applications in play across a typical enterprise — 364 on average – which means a lot of complexity and…
How to choose an XDR vendor | Kaspersky official blog
XDR (Extended Detection and Response) technology has already become one of the most conspicuous in the cybersecurity market. Its main advantage is its comprehensive approach to countering sophisticated cyberattacks. This is achieved by maximizing control over potential entry points and through the use of top-of-the-line tools for incident detection, threat hunting, investigation and response within…
Linux Systems Are Becoming Bigger Targets
When it comes to security, there are some low-lying threats that can cause big problems. One important example is malware designed to exploit Linux systems, often in the form of executable and linkable format (ELF) binaries. And, as the Linux footprint continues to expand, so, too, will attacks against it. Researchers from FortiGuard Labs noted…
FBI-Led Operation Disrupts Russian GRU Botnet
The FBI in March targeted and disabled the command and control communications of a botnet controlled by the infamous Russian General Staff Main Intelligence Directorate (GRU) hacking team Sandworm, the US Department of Justice (DoJ) announced today. The botnet used WatchGuard Technologies and ASUSTek Computer (ASUS) firewalls compromised with the so-called Cyclops Blink malware, which…
FIN7 Morphs into a Broader, More Dangerous Cybercrime Group
New research shows the notorious cybercrime group FIN7 to be behind numerous clusters of previously unattributed threat activity spanning several years and targeting organizations in multiple regions and industries. The study by Mandiant shows that the threat actor has shifted from mostly targeting the retail and hospitality sectors to aiming at organizations across a considerably…
What We Can Learn From Lapsus$ Techniques
The Lapsus$ cybercriminal collective has been making headlines in recent weeks. After several high-profile attacks, the security community is turning its gaze toward this new threat actor and its techniques. The Okta incident also reveals some details of their techniques. Microsoft has now published an in-depth blog post detailing the activities it has observed associated…
Vendors Assessing Impact of Spring4Shell Vulnerability
The developers of Spring, which is owned by VMware and said to be the world’s most popular Java application development framework, announced patches for three vulnerabilities last week. One of them is tracked as CVE-2022-22965, Spring4Shell and SpringShell, and it has been described as a critical remote code execution vulnerability in Spring Framework that can…
GitLab Patches Critical Account Takeover Vulnerability
According to the company, in GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 14.7.7, 14.8.5, and 14.9.2, a hardcoded password was set when the account was registered using an OmniAuth provider. The critical-severity bug, which is tracked as CVE-2022-1162 (CVSS score of 9.1), could allow attackers to take over accounts. In addition…
Hive ransomware impacts California non-profit health organisation
Ransomware authors are once again targeting health services, holding important files to ransom and impacting potentially vital services. On this occasion, the victims are a non-profit organisation assisting people with their healthcare needs in California. When Hive ransomware strikes The victim, Partnership HealthPlan of California, has apparently been struggling since at least March 24 with…
