Event Logging Key to Detecting LOTL Attacks, Security Agencies Say
A report by CISA, the FBI, the NSA, and international agencies lay out the argument that event logging tools help enterprises better detect attacks that rely on LOTL techniques used by threat groups to evade security protections during an attack ... Read More
Audit: FBI is Losing Track of Storage Devices Holding Sensitive Data
DOJ inspectors have found the FBI is not labeling hard drives and other storage devices holding sensitive that are slated for destruction, making them hard to track, and that boxes of them can sit in a poorly secured facility for months ... Read More
Backdoor in RFID Cards for Offices, Hotels Can Lead to Instant Cloning
A backdoor found in millions of Chinese-made RFID cards that are used by hotels and other businesses around the world can let bad actors instantly clone the cards to gain unauthorized access into rooms or run supply chain attacks, say researchers with Paris-based Quarkslab ... Read More
Extortion Group Exploits Cloud Misconfigurations, Targets 110,000 Domains
An unknown threat group leveraged publicly exposed environment variables in organizations' AWS accounts to exfiltrate sensitive data and demand ransoms in a wide-ranging extortion campaign that targeted 110,000 domains ... Read More
Mandatory MFA is Coming to Microsoft Azure
Microsoft is making MFA mandatory for signing into Azure accounts, the latest step in the IT vendor's Secure Future Initiative that it expanded in May in the wake of two embarrassing breaches by Russian and Chinese threat groups ... Read More
Lawmakers Ask for Probe of Chinese Router Maker TP-Link
Two U.S. lawmakers are asking the Commerce Department to investigate whether the Wi-Fi routers built by Chinese company TP-Link could be used by Chinese-sponsored threat groups to infiltrate U.S. government and private networks, posing a security risk to the country ... Read More
ReliaQuest: Watch Out for Info-Stealers and RATs
ReliaQuest ranked LummaC2 and SocGholish among the top malware seen in Q2 and rounded out the top five list with AsyncRat, Oyster, and the growing numbers of info-stealers that were built using the Rust programming language ... Read More
Google: Iranian Group APT42 Behind Trump, Biden Hack Attempts
Google cybersecurity researchers confirm that the Iranian-sponsored APT42 threat group is being ongoing phishing campaigns against President Biden, Vice President Harris, and ex-President Trump in an attempt to influence the upcoming presidential elections ... Read More
FBI Disrupts Operations of the Dispossessor Ransomware Group
The FBI and law enforcement agencies from the UK and Germany seized servers and domains belonging to the Dispossessor ransomware gang, which had emerged into the spotlight following a similar operation against the notorious LockBit gang in February ... Read More
Biden-Harris Campaign, Trump Operative Stone Also Target of Hackers
Hackers, possibly from Iran, sent phishing emails to the Biden-Harris campaign and Trump operative Roger Stone hoping to gain access into the systems of both presidential campaigns. It worked with Stone, who compromised email account opened the door to the Trump campaign infrastructure ... Read More
