Security News
Advance Auto Parts' CISO just revealed for the first time the number of individuals affected when criminals broke into its Snowflake instance - a hefty 2.3 million. Steiger's letter also said Advance Auto Parts became aware of the intrusion on May 23, but now understands that the cybercriminal(s) behind the attack maintained access to its Snowflake instance between April 14 and May 24.
Do you use Authy for your multi-factor authentication needs? If you do, you should keep an eye out for phishing attempts, as well as implement defenses against SIM swapping attacks. On July 1, Twilio - the company that develops the Authy MFA mobile app - shared with the public that attackers have leveraged one of its unauthenticated API endpoints to compile a list of phone numbers and other data belonging to Authy users.
The China-linked advanced persistent threat group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector - which is also referred to as DUSTPAN - has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in April 2024.
Small to medium-sized organizations often lack the resources and expertise for robust privileged identity management. Recognizing the demand for accessible solutions, these vendors provide affordable options tailored to organizations aiming to meet stringent compliance standards or enhance security practices, requiring minimal installation and maintenance to gain full access controls.
Garg's former roommate, identified as "Victim 1" in court documents, received thousands of threatening emails, phone calls, texts, and social media messages in which Garg threatened to murder, torture, and rape her. Garg then targeted that victim's uncle - the attorney who represented her in obtaining the protection order - plus her boyfriend, a Seattle police detective who investigated the threats, and the deputy prosecuting attorney working on Garg's stalking case.
Spanish-language victims have been the target of an email phishing campaign that delivers a new remote access trojan called Poco RAT since at least February 2024. Infection chains begin with phishing messages bearing finance-themed lures that trick recipients into clicking on an embedded URL pointing to a 7-Zip archive file hosted on Google Drive.
TL;DR: Train for highly respected CompTIA certifications recognized by IT departments worldwide with The Complete 2024 CompTIA Course Super Bundle by IDUNOVA while the price has been dropped to just $50. Starting an IT career is probably not nearly as difficult as you might imagine. With this bundle, you can train at your own pace to prepare for valuable IT certifications with The Complete 2024 CompTIA Course Super Bundle by IDUNOVA for just $49.97.
Another new ransomware gang, this one dubbed EstateRansomware, is exploiting a Veeam vulnerability that was patched more than a year ago to drop file-encrypting malware, a LockBit variant, and extort payments from victims. Veeam fixed the flaw, tracked as CVE-2023-27532, in March 2023 for versions 12/11a and later of its backup and replication software.
The Japanese Space Exploration Agency discovered it was under attack using zero-day exploits while working with Microsoft to probe a 2023 cyberattack on its systems. Then there's the mention of zero-day attacks in the last sentence of a section about countermeasures, like closer network monitoring and improved remote access security, that the agency adopted.
The vulnerability in question is CVE-2024-4577, which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. The disclosure comes as Cloudflare said it recorded a 20% year-over-year increase in DDoS attacks in the second quarter of 2024, and that it mitigated 8.5 million DDoS attacks during the first six months.