Russia jails hacker for two years over cyberattack on local tech company
Summary: A Russian citizen was sentenced to two years in a penal colony for orchestrating a DDoS attack against a local tech company that is part of the nation’s critical information infrastructure, alongside a fine of 500,000 rubles. This case highlights the increasing number of prosecutions related to cybercrimes in Russia, particularly involving local hackers accused of collaboration with foreign entities.…
Cybercriminals are trying to loot Australian pension accounts in new campaign
Summary: Hackers are targeting pension savings in Australia, with attempted breaches reported by the Association of Superannuation Funds of Australia (ASFA). While many attacks were thwarted, AustralianSuper confirmed that hackers successfully stole AU0,000 from four members’ accounts. The Australian government is aware of the situation and is planning a response amidst rising cyberattacks in the country.…
Have We Reached a Distroless Tipping Point?
Summary: The article discusses the evolution of containerization technologies and their pivotal role in shaping modern cloud-native software development. It highlights key innovations, such as LXC, Docker, and the Open Container Initiative (OCI), that have paved the way for standardized, efficient, and secure software delivery. Chainguard OS is introduced as the next generation of open-source software delivery, focused on minimizing vulnerabilities and maximizing performance through a distroless approach.…
Lawmakers seek to close loophole limiting Secret Service investigations into cyber laundering
Summary: Two U.S. senators have reintroduced a bill aimed at empowering the Secret Service to combat money laundering linked to cybercrime. The Combatting Money Laundering in Cyber Crime Act seeks to lift jurisdictional restrictions, allowing the agency to investigate unlicensed money transmitting businesses effectively. This legislation comes in response to the increasing sophistication of cybercrime, particularly in light of recent high-profile money laundering cases involving digital assets.…
OH-MY-DC: OIDC Misconfigurations in CI/CD
Summary: Unit 42’s investigation into OpenID Connect (OIDC) within CI/CD environments revealed significant vulnerabilities that could allow threat actors unauthorized access to restricted resources. Key risks stem from loose identity federation policies, reliance on user-controllable claim values, and potential exploitation of poisoned pipeline execution. It is critical for organizations to strengthen OIDC policies and CI/CD security.…
Oracle Confirms Cloud Hack
Summary: Oracle has privately confirmed to certain customers that its cloud systems have been breached, despite initially denying any such incidents. A hacker claimed to possess data of over 140,000 Oracle Cloud tenants and is attempting to sell it, while Oracle maintains that the long-standing environment impacted poses minimal risk.…
Movie Security Stories: Understanding Cyber Threats and the Need for Integrated Security Through Film
Summary: The article discusses the evolution of cyber threats in the modern digital era, comparing real-world scenarios to movie plots, such as “Die Hard 4.0” and “Skyfall.” It highlights the increasing complexity of ransomware attacks, supply chain hacks, and insider threats, stressing the need for comprehensive security strategies that incorporate automation and real-time intelligence.…
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability CVE-2025-22457 (Google Cloud Blog)
Summary: A critical security vulnerability, CVE-2025-22457, was disclosed by Ivanti, affecting Ivanti Connect Secure (ICS) VPN appliances. The vulnerability allows for remote code execution through a buffer overflow and has been observed actively exploited in the wild. Two new malware families, TRAILBLAZE and BRUSHFIRE, have been deployed as part of the exploitation.…
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code
Summary: A critical security vulnerability, tracked as CVE-2025-30065, has been identified in Apache Parquet’s Java Library, allowing remote attackers to execute arbitrary code via specially crafted Parquet files. The vulnerability affects all versions up to and including 1.15.0 and has been resolved in version 1.15.1. Although there is currently no evidence of exploitation, the flaw poses risks to data pipelines and analytics systems using untrusted sources.…
Haugh fired from leadership of NSA, Cyber Command
Summary: President Trump has fired Air Force Gen. Timothy Haugh from his position as head of U.S. Cyber Command and the NSA, prompting concerns about national security and potential future changes to the leadership structure. This decision comes amid a broader shakeup within the military’s digital and intelligence agencies, and it may lead to the separation of leadership for Cyber Command and the NSA.…
Wiz Threat Research has identified an ongoing campaign by the threat actor JINX-0126, targeting poorly configured and publicly exposed PostgreSQL servers. By exploiting weak login credentials, the actor gains access to deploy XMRig-C3 cryptominers, impacting over 1,500 victims. The attacker employs advanced techniques to evade detection while continuously scanning for vulnerable systems.…
Texas city warns thousands of utility payment site breach
Summary: Hackers compromised the utility payment website of Lubbock, Texas, stealing sensitive financial information from over 12,000 individuals. This breach affected anyone who made utility payments during the timeframe of December 18, 2024, to January 6, 2025. City officials identified a malicious pop-up window that captured users’ payment card details without breaching the city’s internal network.…
Threat actors leverage tax season to deploy tax-themed phishing campaigns
Summary: As the tax season approaches in the U.S., Microsoft has noted an increase in phishing campaigns using tax-related themes to steal sensitive information and deploy malware. These campaigns exploit various techniques, including URL shorteners, QR codes, and legitimate file-hosting services to evade detection. The reported threats include credential theft linked to platforms like RaccoonO365 and various malware types such as Remcos and Latrodectus.…
Oracle privately confirms Cloud breach to customers
Summary: Oracle has confirmed a data breach involving legacy client credentials after attackers exploited vulnerabilities in 2017 systems, affecting user emails and hashed passwords. Despite Oracle’s claims that the breach did not impact Oracle Cloud, evidence suggests otherwise. Additionally, Oracle Health has also experienced a security incident that compromised patient data from U.S.…
Ivanti patches Connect Secure zero-day exploited since mid-March
Summary: Ivanti has issued security updates to address a critical remote code execution vulnerability (CVE-2025-22457) exploited by Chinese espionage actors to deploy malware. The vulnerability affects multiple Ivanti products, including older Pulse Connect Secure versions, and was initially misclassified as a bug. Users are urged to update to the latest versions to mitigate risks from active exploitation observed in the wild.…
Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware
Summary: In March, Ukraine experienced at least three cyberattacks targeting government agencies and critical infrastructure, utilizing a new malware known as Wrecksteel. The attacks involved phishing emails that led to the extraction of sensitive data and screenshots from infected devices. Ukrainian cyber authorities linked these activities to a newly identified hacking group, UAC-0219, while also suggesting potential ties to Russian-backed cyber operations.…