Security News > 2023 > February

Application Security vs. API Security: What is the difference?
2023-02-28 11:26

With that said, application security and API security are two critical components of a comprehensive security strategy. To be clear, API Security is different enough from 'traditional' Application Security that it requires specific consideration.

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
2023-02-28 10:33

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. Blind Eagle, also known as APT-C-36, was recently covered by Check Point Research, detailing the adversary's advanced toolset comprising Meterpreter payloads that are delivered via spear-phishing emails.

News Corp outfoxed by IT intruders for years
2023-02-28 08:31

The miscreants who infiltrated News Corporation's corporate IT network spent two years in the media monolith's system before being detected early last year. The super-corp, which owns The Wall Street Journal, New York Post, UK publications including The Sunday Times, and a broad array of other entities around the world, first reported the intrusion in February 2022, saying the snoops got into email accounts and gained access to employees' data and business documents.

Russian hacktivists DDoS hospitals, with pathetic results
2023-02-28 07:30

A series of distributed-denial-of-service attacks shut down nine Danish hospitals' websites for a few hours on Sunday, but did not have any life-threatening impact on the medical centers' operations or digital infrastructure. "Region H the hospitals' websites are down," it read, in Danish.

US Marshals Service leaks ‘law enforcement sensitive information’ in ransomware incident
2023-02-28 06:59

The US Marshals Service, the enforcement branch of the nation's federal courts, has admitted that a "major" breach of its information security defenses allowed a ransomware infection and exfiltration of "law-enforcement sensitive information". NBC broke news of the incident, which Marshals Service spokesperson Drew Wade described as having impacted a system that "contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees."

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
2023-02-28 06:42

The U.S. Cybersecurity and Infrastructure Security Agency has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities catalog based on evidence of active exploitation. Tracked as CVE-2022-36537, the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive information via specially crafted requests.

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
2023-02-28 06:16

LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. "The threat actor leveraged information stolen during the first incident, information available from a third-party data breach, and a vulnerability in a third-party media software package to launch a coordinated second attack," the password management service said.

It only takes one over-privileged identity to do major damage to a cloud
2023-02-28 05:30

After working strictly in the cloud with industry-leading enterprises for the past six years, I've seen it all and can sympathize with CISOs facing cloud security challenges. The overall risk level in key areas such as cloud security posture management, cloud infrastructure entitlement management, cloud workload protection platform and data is considered "High". While a few organizations were at only a "Medium" level in some areas, none were at "Low" risk.

Expert strategies for defending against multilingual email-based attacks
2023-02-28 05:00

BEC attacks have become increasingly prevalent in recent years, with cybercriminals using a variety of tactics to gain access to sensitive information and steal money from businesses. While many people may assume that these attacks are primarily an English language phenomenon, the truth is that they can occur in multiple languages.

Security teams have no control over risky SaaS-to-SaaS connections
2023-02-28 04:30

While these SaaS-to-SaaS connections provide enhanced features that boost workflow efficiency, they also give permission for apps to read, update, create, delete, or otherwise engage with corporate and personal data. In its report, Adaptive Shield identifies how many SaaS apps are being connected to the core SaaS stack, specifically Microsoft 365 and Google Workspace and business-critical apps such as Salesforce and Slack, the types of permissions being granted to these applications, and the risk level these apps present.