In July of 2023, the U.S. Securities and Exchange Commission, commonly known as the SEC, adopted new rules necessitating the disclosure of material cybersecurity incidents and related risk management, strategy, and governance. One of the most notable requirements of the new regulations is that companies must report a cybersecurity incident within four business days after…
Read More
On August 14, 2023, the threat actor managing Raccoon Stealer announced the return of the tool after a six-month break, as well as an updated version 2.3.0 with updates based on “feedback and analysis of customer requirements and market trends.” Context On August 15, 2023, researchers at Cyberint reported technical details of a resurgent campaign…
Read More
Context On August 9, 2023, Akamai researchers reported a campaign they dubbed “Xurum,” which leverages the “patched critical security flaw (CVE-2022-24086, CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution.” Technical Details Key takeaways from the Akamai report include: “We have observed activity in…
Read More
On August 9, 2023, researchers at Proofpoint reported the technical details of a campaign between March and June 2023 leveraging the EvilProxy Phishing as a Service (PaaS) tool to target executives at over 100 global firms with a combination of attacker in the middle (AiTM) and account takeover (ATO) tactics. Context Key takeaways from the…
Read More
Context On July 27, 2023, The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) released an advisory “to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.” The advisory primarily consists…
Read More
Bidemi (Bid) Ologunde is an intel analyst at Expedia Group. We were able to talk with Bid about topics ranging from his own podcast and background to the future of cybersecurity. His opinions expressed are his personal opinions and do not reflect the views of Expedia Group. You are no stranger to podcasts as you…
Read More
Before publishing, Descope informed Microsoft, several “large vulnerable applications,” and two authentication platform providers of the issue and Microsoft has reportedly taken mitigating steps. Context On June 20, 2023, researchers at Descope reported the technical details of a security flaw in the Microsoft Azure Active Directory (AD) Open Authorization (OAuth) process they dubbed “n0Auth.” According…
Read More
On June 13, 2023, security researchers at Trellix reported the details of a new information stealing malware written in Golang that they dubbed “Skuld.” Context Since April 2023, Trellix researchers observed the malware active against unspecified targets in North America, Europe, and Southeast Asia. Technical Details According to the report, Skuld attempts to steal sensitive…
Read More
Rafia Noor is an information security engineer in the operation technology division at Colgate-Palmolive. We had an opportunity to sit down with Rafia to discuss her career path, intelligence sharing at RH-ISAC, and the trajectory of cybersecurity. Tell us a little about what you do at Colgate-Palmolive and what fills your day. Rafia: I…
Read More
On March 24, 2023, Proofpoint released their report, “Account Compromise, Financial Theft, and Supply Chain Attacks: Analyzing the Small and Medium Business APT Phishing Landscape in 2023.” Context The report provides insight into key trends in the increasing prevalence of sophisticated advanced persistent threats (APTs) targeting small and medium-sized businesses (SMBs). Key Takeaways Key points…
Read More
