WEEKLY CYBERSECURITY NEWSLETTER NO: 262
#Weekly Cybersecurity Tip: Know your threats and perform some threat modeling exercises!
Apr 10, 2023 12:00 pm
1- Watering Hole Attacks Push ScanBox Keylogger
A China-based threat actor has ramped up efforts to distribute the ScanBox reconnaissance framework to victims that include domestic Australian organizations and offshore energy firms in the South China Sea. The bait used by the advanced threat group (APT) is targeted messages that supposedly link b...
Read More2- New Research Examines Traffers and the Business of Stolen Credentials
Today, Outpost24 released a new report revealing the underground operation of Traffers, cybercriminal organisations reshaping the business of stolen credentials. The Rising Threat of Traffers report, compiled by Outpost24’s Threat Intelligence team, KrakenLabs, provides a deep dive into the credenti...
Read More3- GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously
The IT world relies on digital authentication credentials, such as API keys, certificates, and tokens, to securely connect applications, services, and infrastructures. Related: The coming of agile cryptography These secrets work similarly to passwords, allowing systems to interact with one another. ...
Read More4- Security Vulnerabilities in Snipping Tools
Both Google’s Pixel’s Markup Tool and the Windows Snipping Tool have vulnerabilities that allow people to partially recover content that was edited out of images. ...
Read More