Threat Post

U.S. Water Utilities Prime Cyberattack Target, Experts

Water may be the greatest vulnerability in our national infrastructure, said Samantha Ravich, chair of CCTI. Much of the problem lies in just how decentralized water systems are, she explained.

Scammers Target NFT Discord Channel

Discord a public chat application designed for gamers has grown popular among crypto owners all over the world. Attackers are targeting the Discord servers of several popular nonfungible token (NFT) projects.

Cybergang Claims REvil is Back, Executes DDoS Attacks

The defunct REvil ransomware gang is claiming responsibility for a recent distributed denial of service (DDoS) campaign against a hospitality customer of cloud networking provider Akamai.

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days

Of the 86 APTs that researchers investigated, only eight–Stealth Falcon, APT17, Equation, Dragonfly, Elderwood, FIN8, DarkHydrus and Rancor—exploited vulnerabilities that others didn’t, researchers found.

Malware Builder Leverages Discord Webhooks

Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks. A Discord user with the handle “Portu” was found advertising this new password-stealing malware builder.

Bad Actors Are Maximizing Remote Everything

Bad actors are gaining access to more tools to help them pull off their nefarious deeds – like exploit kits. At the same time, the attack surface has rapidly expanded and continues to do so.

Protecting Against Container Threats in the Cloud

As adoption increases, so does the interest of cybercriminals. A June Red Hat survey found that a whopping 94 percent of respondents had suffered a Kubernetes security incident over the previous 12 months.

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub shared the timeline of breaches in April 2022, this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.

Firms Push for CVE-Like Cloud Bug System

Big gaps exist in the 22-year-old Common Vulnerability and Exposures (CVE) system that do not address dangerous flaws in cloud services that drive millions of apps and backend services.

Rethinking Cyber-Defense Strategies in the Public-Cloud Age

In a September 2021 report from the Cloud Security Alliance (CSA), nearly 70% of respondents reported that their company’s cloud security, IT operations, and developer teams are misaligned on security policies and/or enforcement strategies.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags