Ransomware gangs, APT groups ditch Cobalt Strike for Brute Ratel
2022-07-06 17:32

APT hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. In 2020, Chetan Nayak, an ex-red teamer at Mandiant and CrowdStrike, released Brute Ratel Command and Control Center as an alternative to Cobalt Strike for red team penetration testing engagements.

Marriott confirms another data breach after hotel got hacked
2022-07-06 16:52

Hotel giant Marriott International confirmed it was hit by another data breach after an unknown threat actor breached one of its properties and stole 20GB of files. "The threat actor used social engineering to trick one associate at a single Marriott hotel into providing access to the associate's computer. The threat actor did not impersonate any Marriott vendor."

Marriott hit by new data breach and a failed extortion attempt
2022-07-06 16:52

Hotel giant Marriott International confirmed it was hit by another data breach after an unknown threat actor breached one of its properties and stole 20GB of files. "The threat actor used social engineering to trick one associate at a single Marriott hotel into providing access to the associate's computer. The threat actor did not impersonate any Marriott vendor."

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms
2022-07-06 16:49

NIST's post-quantum computing cryptography standard process is entering its final phases. For general encryption, used when we access secure websites, NIST has selected the CRYSTALS-Kyber algorithm.

Being hit with a cyber-attack is bad. Not having a recovery plan is worse
2022-07-06 15:42

What's the biggest threat to your business? Ransomware? A natural disaster? A critical infrastructure failure? That means understanding and protecting the data and applications your business relies on, including their complex interdependencies, as well as ensuring they're protected - and that your backups are protected too.

US govt warns of Maui ransomware attacks against healthcare orgs
2022-07-06 14:47

The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S. "North Korean state-sponsored cyber actors used Maui ransomware in these incidents to encrypt servers responsible for healthcare services - including electronic health records services, diagnostics services, imaging services, and intranet services," the federal agencies revealed.

Typo-squatting NPM software supply chain attack uncovered
2022-07-06 14:30

Researchers at ReversingLabs have uncovered evidence of a widespread software supply chain attack through malicious JavaScript packages picked up via NPM. NPM was acquired by Microsoft-owned GitHub in 2020 and has suffered from the odd issue or two over the years. The latest problem stems from typo-squatting, where an attacker offers up malicious packages with names similar to real packages.

Marriott Hotels admits to third data breach in 4 years
2022-07-06 14:00

Marriott Hotels has leaked data to attackers again and this time the culprits made off with 20GB of information, which reportedly included credit card info and internal company documents. The unnamed group behind the attack contacted privacy news site DataBreaches to share the news that it broke into a server at the Marriott hotel at Boston/Washington International Airport in Maryland late last month.

Unsecured and unencrypted South Korean loyalty platform exposes data of more than 1 million customers
2022-07-06 13:42

According to the Website Planet security team, a recent incident affected the Dodo Point loyalty point service platform and resulted in a huge exposure of personal data. An Amazon bucket used by the company was not secured: no authentication protocol had been deployed, and no data encryption had been used on the storage, resulting in the exposure of around 73,000 files, representing over 38GB of data.