Singapore cyber defenders fight simulated attacks on AI-enabled systems in 4-day exercise

More technology is moving onto the cloud – meaning its data is hosted on remote servers rather than on personal devices – and integrating artificial intelligence (AI), which opens it up to new kinds of malicious attacks. To improve Singapore’s Read More …

CVE-2024-9379: Ivanti Cloud Service Appliance Authenticated SQL Injection

The SonicWall Capture Labs threat research team became aware of an authenticated SQL injection vulnerability affecting Ivanti Cloud Service Appliances (CSA). Identified as CVE-2024-9379 and with a moderate score of 6.5 CVSSv3, the vulnerability is more severe than it initially Read More …

Code Injection in Spring Cloud: CVE-2024-37084

The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-37084, assessed its impact, and developed mitigation measures for this vulnerability. CVE-2024-37084 is a critical vulnerability affecting Spring Cloud Data Flow versions 2.11.0 through 2.11.3. A malicious user Read More …

Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data

From infostealer development to data exfiltration, cloud service providers are increasingly being abused by threat actors for malicious schemes. While in this case the ransomware samples we examined contained hard-coded AWS credentials, this is specific to this single threat Read More …

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA

Today FortiGuard Labs is releasing this blog post about a case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). At the time of the investigation, two out of the three identified vulnerabilities Read More …

Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections

Despite growing awareness and widespread acknowledgment of the impact of cyber threats facing the healthcare industry, many within it are still struggling to keep them at bay. The third annual Ponemon Institute Report, commissioned by Proofpoint, found that 92% of Read More …

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware Read More …

AT&T to pay $13 million to settle FCC probe over cloud data breach

AT&T has agreed to pay $13 million to settle a federal investigation into whether the mobile phone service provider failed to protect customer information in connection with a data breach last year, the Federal Communications Commission said Tuesday. The FCC’s Read More …

Fortinet confirms data breach after allegedly refusing to pay ransom

In an announcement posted on Fortinet’s website, the company said that someone gained access to a “limited number of files” stored on its instance of an unnamed third-party cloud-based shared file drive. The files included “limited data related to a Read More …