Cyberattacks

Practical advice to secure your expanding attack surface

The other week, BitSight published research identifying thousands of organizations using internet-facing and exposed webcams with many video and audio feeds susceptible to spying. The potential consequences are serious – an attacker could potentially view private activities and eavesdrop on sensitive conversations, presenting a variety of privacy and security concerns. Below are some of the screenshots BitSight captured from exposed devices (blurred for privacy).

Secure SDLC Approach For Preventing Cyber-Attacks

According to a CrowdStrike report, active intrusions and cyber-attacks increased by 50% in 2022, and the number may increase in 2023 too. With more and more applications becoming a target of hackers, it is getting complex for developers to identify relevant security approaches. Development teams are somewhat unable to select the best mechanism, one that would be compatible, high-performing, and strong enough to prevent attacks.

Detect the Most Common Ransomware TTPs to Prevent Attacks

In our new threat briefing, Forescout’s Vedere Labs details tactics, techniques and procedures (TTPs) commonly adopted by ransomware groups and provides specific mitigation recommendations. In addition to basic cyber hygiene practices, we recommend using Forescout XDR for extended detection and response. Its 1,500+ detection rules cover hundreds of the TTPs most commonly used by ransomware.

How To Prevent a CSRF Attack

Cross-site request forgery (CSRF) attacks are a form of cyberattack from malicious websites, emails, blogs, instant messages, or applications. This type of attack tricks the user's web browser into executing an unwanted action on a secure website. Browsers typically attach session cookies when making a request to a website. Thus, it becomes difficult for the site to differentiate between legitimate requests that are authorized and forged requests that have been authenticated.

Attackers are starting to target .NET developers with malicious-code NuGet packages

Malicious packages are often spread by the open source NPM and PyPI package repositories, with few other repositories affected. Specifically – there was no public evidence of severe malicious activity in the NuGet repository other than spam packages used for spreading phishing links. As with other repositories, the JFrog Security Research team regularly monitors the NuGet repository for malicious packages, including manual analysis of suspicious code.

Impersonation attacks leverage Silicon Valley Bank collapse in new phishing campaign

As news of Silicon Valley Bank's (SVB) collapse continues to dominate the headlines, cybercriminals are running phishing campaigns impersonating SVB and other financial institutions, including M-F-A and Bloomberg. Responding quickly to the 24-hour news cycle, cybercriminals aim to leverage their victims' potential distress over their financial situation to make them more susceptible to this type of attack.

How to Prevent SVB-Related Social Engineering Attacks

Silicon Valley Bank (SVB) experienced a rapid implosion last week after a historic bank run. While many are discussing the immediate financial impacts to the bank accounts — which were largely held by venture capitalists, investors, and technology business owners — and the larger impact on banking in general, it’s important to note that there will be a secondary impact. Hackers and scammers are going to take advantage of the confusion to launch a barrage of social engineering attacks.

Minneapolis Schools are Facing a Cyber Ransom of $1 Million

The Minneapolis public school district includes approximately 100 primary and secondary public schools. Across these schools, approximately 36,000 students are served by about 1,500 teachers. The district is currently supposedly suffering from a ransomware attack and is being extorted for a $1 million payment by a ransomware gang.

Seamless Response to Ransomware and a Cyber Resilience Upgrade

A major logistics company was hit by a ransomware attack at a time when it was reviewing and upgrading its cybersecurity defense. Kroll provided seamless incident response to enable the company to act quickly to mitigate and minimize the damage caused by the attack. The company also deployed Kroll Responder, Kroll’s award-winning Managed Detection and Response (MDR) solution, giving it comprehensive 24/7 visibility and management of threats and enhancing its long-term cyber resilience.

CrowdStrike Discovers First-Ever Dero Cryptojacking Campaign Targeting Kubernetes

CrowdStrike has discovered the first-ever Dero cryptojacking operation targeting Kubernetes infrastructure. Dero is a relatively new and privacy-focused cryptocurrency that uses directed acyclic graph (DAG) technology to claim complete anonymity of its transactions. The combination of anonymity and the higher rewards ratio makes it potentially lucrative to cryptojacking groups compared to Monero, which is a cryptocurrency commonly used by attackers or groups running miner operations.