Murder-for-Hire, Money Laundering, and More: How Organised Criminals Work Online


How We Broke the Cloud With Two Lines of Code: The Full Story of ChaosDB

The Wiz Research Team disclosed technical details about the discovery of the ChaosDB vulnerability in the Azure Cosmos DB database solution.


Source: https://QUE.com

In August, 2021 the Wiz Research Team disclosed ChaosDB – a severe vulnerability in the popular Azure Cosmos DB database solution that allowed for complete, unrestricted access to the accounts and databases of several thousand Microsoft Azure customers, including many Fortune 500 companies. This vulnerability was so severe that we didn’t want to share the full extent of it until enough time had passed to properly mitigate it. Today, at BlackHat Europe 2021, the team shared all of the technical details behind ChaosDB for the first time. We want to provide a summary of what was discussed, and share the full extent of ChaosDB, the impact it had, and the questions it raises about security in managed cloud services.

continue reading: https://securityaffairs.co/wordpress/124510/hacking/chaosdb-flaw-technical-details.html

Pentagon Set to Open Zero Trust Office in December
The US Department of Defense is stepping up its cybersecurity efforts with a dedicated Zero Trust office set to open next month, according to a senior official.

Pentagon CISO, David McKeown, said at the CyberCon event this week that the office would report into the CIO, although the senior executive in charge has not yet been named.

Leadership buy-in to Zero Trust has helped to accelerate the opening, which can be seen in part as a response to the SolarWinds campaign in which nine federal government departments were compromised by Russian spies.

continue reading: https://www.infosecurity-magazine.com/news/pentagon-open-zero-trust-office/

Murder-for-Hire, Money Laundering, and More: How Organised Criminals Work Online
Europol has released an extensive report into serious and organized crime, including how these groups use the internet to aid in their criminal behaviour.

Europol is the European Union’s (EU) law enforcement agency and it assists the EU Member States in their fight against serious international crime and terrorism. We’ll often mention them when we tell you that cybercriminals have been arrested in international cooperation between law enforcement agencies, such as the FBI, DEA, and other US agencies.

continue reading: https://blog.malwarebytes.com/reports/2021/11/murder-for-hire-money-laundering-and-more-how-organised-criminals-work-online/

Threat Actors Add Johnson Memorial Health to Dark Web Leak Site
The hackers gained access to the hospital’s network at 10:31 p.m. Friday and installed ransomware by 10:33 p.m. The hospital’s IT team discovered the attack within about 15 minutes and immediately shut down the system, said Dr. David Dunkle, the hospital’s president and CEO.

continue reading: https://www.databreaches.net/threat-actors-add-johnson-memorial-health-to-dark-web-leak-site/

Israeli Cyber Unit Action Removes Black Shadow Iran-affiliated Hacking Website
The Israeli Cyber Unit, part of the State Prosecution Office, led the removal of a website belonging to Black Shadow, an Iranian-affiliated hacking group, after it targeted a number of Israeli websites, Walla reported on Thursday.

“The removal of the site means a significant reduction to expose personal materials publicized by Black Shadow, a hacking group affiliated with Iran that has operated against Israeli sites in the past two years,” said the report.

continue reading: https://www.jns.org/israeli-cyber-unit-action-removes-black-shadow-iran-affiliated-hacking-website/

The BotenaGo Botnet Targets IoT Devices
AT&T Alien Labs™ has found new malware written in the open source programming language Golang. Deployed with more than 30 exploits, it has the potential of targeting millions of routers and IoT devices.

Key Takeaways:
BotenaGo has more than 30 different exploit functions to attack a target.
The malware creates a backdoor and waits to either receive a target to attack from a remote operator through port 19412 or from another related module running on the same machine.
It is not yet clear which threat actor is behind the malware or how many devices are infected.

continue reading: https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits

Threat Spotlight: Bait attacks
As attackers work to make their phishing attacks more targeted and effective, they’ve started researching potential victims, working to collect information that will help them improve the odds that their attacks will succeed. Bait attacks are one technique attackers are using to test out email addresses and see who’s willing to respond.

Based on analysis by Barracuda researchers, just over 35% of the 10,500 organizations analyzed were targeted by at least one bait attack in September 2021, with an average of three distinct mailboxes per company receiving one of these messages.

continue reading: https://blog.barracuda.com/2021/11/10/threat-spotlight-bait-attacks/

Read more Cyber Security News at https://que.com/tag/cybersecurity/

Thank you for reading. Stay safe and stay healthy.
@Yehey [ Witness ]

