Just two months ago, researchers from Vienna conducted a study that revealed the abuse of dangling DNS records to hijack subdomains of numerous major organizations, highlighting the potential vulnerability of thousands of entities. The researchers targeted subdomains belonging to various government organizations, political parties, universities, media companies, and financial institutions. They managed to take control of these subdomains to demonstrate the risk associated with this vulnerability.

Patience is one of those time-dependent, and often situational circumstances we experience. Few things define relativity better than patience. Think of the impatience of people who have to wait ten minutes in a line at a gas station, yet the thought of waiting ten minutes for a perfectly brewed cup of coffee seems entirely reasonable. It can’t be about the cost, since even the smallest cup of coffee is equal to, if not more expensive than a gallon of gasoline.

An account takeover attack is a form of identity theft in which a cybercriminal takes over someone else’s online account. Cybercriminals steal a victim’s login credentials without them knowing through methods such as brute force attacks and phishing. Once the cybercriminal gains access to a victim’s account, they change the login credentials to prevent the victim from logging back in.

On September 4, 2023, CERT-UA revealed a meticulously planned cyberattack targeting Ukraine's critical energy infrastructure. The attack's modus operandi was distinct; it utilized deceptive emails containing bait links, luring victims into downloading a seemingly innocuous ZIP archive. This archive, however, harbored malicious files designed to hijack the victim's computer, redirecting data flows and exfiltrating sensitive information using services like mockbin.org and mocky.io.

In the last few weeks, Arctic Wolf Labs has noted an increase in threat activity targeting Okta as an attack vector. The relevant Techniques, Tools, and Procedures (TTPs) span across several different types of attacks. This bulletin will review several key aspects of these attacks.

The recent cyberattack on MGM Resorts International has raised serious concerns about the security of sensitive data and the vulnerabilities organizations face in today’s digital landscape. In this blog post, we will dive into the details of the attack based on the information currently available, analyze its root causes and discuss key takeaways to help organizations strengthen their security posture.

Malicious packages consist of software embedded with code that is capable of causing harm to an entire system or network. This is a rapidly growing threat affecting open-source software and the software supply chain. This attack method has seen a nearly 12,000% increase from 2022 to 2023, as reported by Synk. Some reasons include its technical feasibility, the potential for high returns, and the widespread distribution of open-source offerings, Common types of malicious packages encompass.

Many organizations today rely only on “unauthenticated” web application security scans, leaving their admin and user portals unchecked. While it is crucial to protect your system against external automated attacks, you shouldn’t ignore the possibility of a targeted attack from someone with valid logins. If your app lets anyone signup online, it could easily expose your business to attackers.

The latest MGM Resorts ransomware attack demonstrates why cyber insurance is critical as part of a multi-layered security strategy. In our last blog, we discussed the recent Las Vegas cyber incidents and how no organization is completely safe. The original cyber incident at MGM Resorts occurred on September 10, 2023 — nearly two weeks ago now – and the company and its valued customers are still feeling its effects.

Save The Children is an organization that specializes in helping children live healthy lives. The non-profit works in multiple countries, helping to provide for children's needs, especially in areas affected by war or tragedy. This organization was recently the target of a ransomware hacker group and suffered huge data losses as a result of that targeting.