A major vulnerability has been found in Argo CD, an open-source developer tool for Kubernetes. In response to this news, cyber security experts reacted below.
ISBuzz Team
The Cybereason Nocturnus Team discuss PowerLess Trojan: Iranian APT Phosphorus Adds New PowerShell Backdoor for Espionage. They observed an uptick in the activity of the Iranian group dubbed Phosphorus (AKA Charming Kitten, APT35), known for previously attacking medical research organizations in the US and Israel in 2020, and for targeting academic researchers in the US, France, and the Middle East. KEY FINDINGS Novel PowerShell Backdoor: A novel and previously undocumented PowerShell backdoor related to the Phosphorus group … dubbed PowerLess Backdoor. It supports downloading additional payloads, such as a keylogger and an info stealer.Evasive PowerShell Execution: The PowerShell code runs…
It has been announced that, following a meeting with government and industry leaders at the White House, OpenSSF has announced the Alpha-Omega Project to improve the security posture of open source software (OSS) through direct engagement of software security experts and automated security testing. Microsoft and Google are supporting the Alpha-Omega Project with an initial investment of $5 million. This builds on previous industry-wide investments into OpenSSF aiming to improve open source software security. Widely deployed OSS projects that are critical to global infrastructure and innovation have become top targets for adversarial attacks. Following new vulnerability disclosures, adversary attacks can be seen within…
Platform9 announced the results of its research, revealing that 91% of survey respondents cite security, consistent management across environments, high availability, and observability as their top concerns for operating cloud-native technologies. The research also found that despite fast growing public-cloud deployments, 67% of cloud deployments are distributed, spread out across on-premises, hybrid, and edge clouds.
Oiltanking GmbH, a German petrol distributor who supplies Shell gas stations in the country, has fallen victim to a cyberattack that severely impacted its operations. Additionally, the attack has also affected Mabanaft GmbH, an oil supplier. Both entities are subsidiaries of the Marquard & Bahls group, which may have been the breach point. Below are some comments from cybersecurity experts.
Please see below for commentary from Ed Williams, EMEA Director of SpiderLabs at Trustwave following the news that the US Cybersecurity & Infrastructure Security Agency (CISA) has added eight more flaws to its catalogue of exploited vulnerabilities that are known to be used in attacks.
Mandiant Threat Reporting research has recently disclosed 1 in 7 Ransomware Extortion Attacks Leak Critical Operational Technology Information. In 2021, Mandiant Threat Intelligence observed ransomware operators extorting thousands of victims by disclosing terabytes of stolen info on shaming sites. This trend, called “Multifaceted Extortion” impacted over 1,300 organizations from critical infrastructure and industrial production sectors in just one year. In response to these findings, an expert with Gurucul has offered perspectives.
In the wake of SAP’s announcement to collaborate with Yale University to foster and promote cybersecurity talent, cyber security experts provide an insight on the importance of diversity in cybersecurity hiring.
As reported by NME, Alexa Chung’s Twitter account appears to have been hacked by a collective of NFT scammers. The TV presenter seemed to tweet from her official account to her 1.3million followers Monday afternoon with a giveaway on behalf of an NFT community called Azuki. “GIVING AWAY THIS AZUKI NFT ($23,239) To enter – Follow me with [notifications on] – RT & like this – Tag 3 friends,” the post reads. Additional tweets have been posted from Chung’s account, one reading “Who has my notifications on?” and “Like if active, this is a test”, but it remains unclear whether…
Trellix has released the Advanced Threat Research Report: January 2022, with findings regarding ransomware between July to September 2021. Researched showed that the top three industries which were the most targeted with ransomware attacks were banking, utilities and retail. Other sectors which were significant targets for attacks included education, government and industrial services. Banking and finance showed to be the most prevalent, accounting for 22% of detected attacks. In response to these findings, an expert with Gurucul has offered perspectives.