APT37 Leverages Internet Explorer Zero-Day to Target South Korean Users

Context: APT37 is a known, sophisticated North Korean state-backed actor that has historically leveraged Internet Explorer zero-days to target North Korean defectors, government officials, journalists, and activists in South Korea. Technical Details: CVE-2022-41128 was patched by Microsoft on November 8, 2022. According to Microsoft, “this vulnerability requires that a user with an affected version of…

Zero Trust – A Verb, Not a Noun

I see so many people reference zero trust as a product, something that you achieve simply by plugging it into a network or installing it on a computer, but it is, in fact, quite the contrary. Zero trust is an action, a process in which you deny everything by default and only give access to…

Sophisticated Campaign Targeting Cryptocurrency Firms

On December 6, 2022, Microsoft researchers reported technical details of a campaign targeting cryptocurrency organizations globally using what they describe as complex tactics. Community Impact: Many retail, travel, and hospitality organizations maintain financial relationships with cryptocurrency firms for business reasons or accept cryptocurrency as payment and maintain relationships with organizing firms for financial reasons. As…

Defining Zero Trust Architecture (ZTA) for the Retail and Hospitality Community

Over the last few years, zero trust has become the latest buzzword in the security industry, right up there with digital transformation and shift left. For many, zero trust is seen as a marketing ploy, designed to sell yet another product. For others, zero trust is an abstract ideal with no clear implementation path. In…

Double Trouble: Why Account Takeover and Fake Accounts are Still Succeeding

Account takeover (ATO) and fake account generation attacks have become wildly successful in recent years, so much so that the FBI’s Cyber Division issued a recent warning to businesses about the growing threat of automated attacks. To better understand the current landscape as it pertains to retailers, Kasada analyzed the National Retail Federation’s (NRF) Top…

World Cup 2022 RH-ISAC Cyber Threat Landscape Summary

Context: On November 20, 2020, the FIFA World Cup 2022 is scheduled to begin in Qatar. Multiple retail, hospitality, and travel organizations are involved in this event to varying degrees and on various fronts and may be affected, including: organizations, especially hospitality organizations, with a presence in Qatar; organizations that handle sports betting; organizations that…

When Good Bots Go Bad This Holiday Season

As we approach this 2022 holiday season, retailers will be faced with myriad pressures, some a continuation of market conditions from years past, others a bit more unexpected. Supply chain challenges remain, but instead of empty shelves, there’s a twist — driven by changing consumer preferences and buying behaviors. Red-hot categories like apparel and home…

New Threat Group “Earth Longzhi” Targeting Global Government, Infrastructure, Aviation, Health, and Finance Orgs

On November 9, 2022, Trend Micro researchers reported two campaigns they attribute to a new threat group, Earth Longzhi, which they assess is a subgroup of APT41. Context: Trend Micro researchers based the assessed connection between the groups on shared targets, shared Cobalt Strike metadata, code similarities, and shared tactics, techniques, and procedures (TTPs). Impact…

Mobile Application Security Best Practices

The use of mobile phones is expanding worldwide, with approximately 6.65 billion currently in use. As smartphones become ubiquitous, an increasing number of the world’s e-commerce transactions are taking place on mobile devices, leading to the coining of the term “mcommerce” to describe the new method of shopping. eMarketer predicts that by 2024 nearly 70%…

Sentinel Labs Report Links Black Basta Ransomware Group TTPs to FIN7

On November 3, 2022, Sentinel Labs researchers published a report linking the Black Basta ransomware group to FIN7 (also known as Carbanak) based on shared tactics, techniques, and procedures (TTPs) between Black Basta tools and FIN7 tools. Key Takeaways: Key findings from the report include: SentinelLabs researchers describe Black Basta operational TTPs in full detail,…
