Tag: SSO
Keypoints :
Silverfort’s research reveals a misconfiguration in Group Policy that allows NTLMv1 authentications to continue.…

Keypoints :
Single-page applications (SPAs) are popular for their dynamic interfaces but can introduce security vulnerabilities.…

Threat Actor: N/A | N/A Victim: N/A | N/A
Key Point :
1Password’s acquisition of Trelica strengthens its offerings in access management and security.…

Keypoints :
The Azure Machine Learning (AML) service is used for data processing and integrates with other Azure services.…

Threat Actor: Cybercriminals | cybercriminals Victim: Organizations using Argo Workflows | organizations using Argo Workflows
Key Point :
Default Unauthenticated Access: Many instances lack authentication, allowing unrestricted access to workflows.…

Threat Actor: ShinyHunters | ShinyHunters Victim: Snowflake | Snowflake
Key Point :
ShinyHunters exploited a misconfiguration to breach over 165 organizations, emphasizing the importance of proper security measures.…

Summary :
Unit 42 researchers uncovered a phishing campaign targeting European companies, particularly in the automotive and chemical sectors, aiming to harvest Microsoft Azure credentials. The campaign peaked in June 2024, impacting around 20,000 users through malicious links and documents. #Phishing #CyberSecurity #CredentialHarvesting
Keypoints :
The phishing campaign targeted European companies, primarily in the automotive and chemical industries.…

### #PhishingAsAService #AiTMattacks #CredentialTheft
Summary: A new phishing-as-a-service platform, ‘Rockstar 2FA,’ has emerged, enabling large-scale adversary-in-the-middle attacks to steal Microsoft 365 credentials by bypassing multifactor authentication. This service, which has gained traction in the cybercrime community, offers various features to facilitate phishing operations.
Threat Actor: Cybercriminals | Rockstar 2FA Victim: Microsoft 365 users | Microsoft 365
Key Point :
Rockstar 2FA allows attackers to intercept valid session cookies, enabling access to accounts even with MFA enabled.…

Summary: This blog post discusses phishing techniques used by the threat actor 0ktapus to compromise cloud identities and outlines methods for investigating phishing campaigns. It provides a comprehensive framework for identifying phishing infrastructure and highlights the importance of ongoing vigilance in cybersecurity practices.
Threat Actor: 0ktapus | 0ktapus Victim: Various organizations | various organizations
Key Point :
0ktapus employs sophisticated phishing techniques, including smishing, vishing, and MFA fatigue, to target IT service desk workers and gain access to cloud environments.…

Summary:
Phishing remains a prevalent tactic among threat actors, particularly in targeting cloud identities. This article explores various investigative techniques for analyzing phishing campaigns, with a focus on the 0ktapus threat actor. By examining their methods and infrastructure, the post aims to provide insights into detecting and mitigating future phishing attempts.…

Summary: GitHub has issued security updates for GitHub Enterprise Server to fix two vulnerabilities, including a critical flaw that could allow attackers to bypass authentication. The most severe vulnerability, CVE-2024-9487, poses a significant risk due to improper verification in the SAML SSO authentication mechanism.
Threat Actor: Unknown | unknown Victim: GitHub Enterprise Server Users | GitHub Enterprise Server Users
Key Point :
The critical vulnerability (CVE-2024-9487) has a CVSS score of 9.5 and allows bypassing of SAML SSO authentication.…

Summary: Microsoft has issued a warning about cyber attack campaigns that exploit legitimate file hosting services like SharePoint, OneDrive, and Dropbox to evade defenses and conduct various forms of fraud. These attacks utilize a method known as living-off-trusted-sites (LOTS) to compromise identities and facilitate business email compromise (BEC) schemes.…

AWS IAM Identity Center Tutorial Summary
Short Summary:
The video discusses how to level up your AWS skills by teaching viewers about AWS Identity Center, emphasizing its importance in cloud security and providing a step-by-step guide on its setup and integration with existing identity providers.
Key Points:
The demand for cloud security skills, particularly in AWS, is growing rapidly.…

Short Summary:
Check Point Research has identified a cyber-enabled disinformation campaign, dubbed Operation MiddleFloor, targeting Moldova’s government and education sectors. The campaign, which began in early August, aims to influence the upcoming elections and referendum by spreading negative perceptions about European values and Moldova’s pro-European leadership through fake emails and documents.…

The article discusses a phishing campaign utilizing the Mamba 2FA phishing kit, which mimics Microsoft 365 login pages and employs advanced techniques to capture user credentials and multi-factor authentication (MFA) inputs. The campaign has shown significant evolution and commercialization, indicating a widespread threat to users of Microsoft services.…