The Sysdig Threat Research Team (TRT) continued observation of the SSH-Snake threat actor we first identified in February 2024. New discoveries showed that the threat actor behind the initial attack expanded its operations greatly, justifying an identifier to further track and report on the actor and campaigns: CRYSTALRAY. This actor previously leveraged the SSH-Snake open source software (OSS) penetration testing tool during a campaign exploiting Confluence vulnerabilities.

Over the last five to ten years cybersecurity has become a boardroom subject in the majority of enterprises. This would have never happened without ransomware. Ransomware has been the best board-level awareness tool ever.

For both white-hat and black-hat operators, the infamous “RockYou” lists have been a staple of the cyber-security landscape for well over a decade. They are lists of passwords, compiled and repeatedly expanded upon with data leaked over the years to form, in its most recent iteration, a list of approximately 10 billion plain-text passwords.

Let’s catch up on the more interesting vulnerability disclosures and cyber security news gathered from articles across the web this week. This is what we have been reading about on our coffee break! A couple of real nasty Open Source issues in the past week. The first and most recent is Ghostscript. Could well be a lot of SaaS products affected.

Monitoring and auditing are critical components of cybersecurity, designed to detect and prevent malicious activities. Monitoring involves real-time observation of system activities, while auditing entails a systematic review of logs and interactions. Large Language Models (LLMs), such as GPT-4, are increasingly integrated into various applications, making them attractive targets for cyber threats.

Read Also: Four cybercrime ring members arrested for hacking government websites, teen gets one year in prison for hacking teacher’s laptop, and more.

The business world continues to move to a knowledge-worker-based economy. Companies derive less and less value from widgets and more from the processes, ideas, and innovations they create — their intellectual property (IP). But IP needs to be protected. IP theft is the appropriation of unique ideas, inventions, or theft of trade secrets, usually by malicious insiders.

Over the last twelve months, the Internet security landscape has changed dramatically. Geopolitical uncertainty, coupled with an active 2024 voting season in many countries across the world, has led to a substantial increase in malicious traffic activity across the Internet. In this report, we take a look at Cloudflare’s perspective on Internet application security. This report is the fourth edition of our Application Security Report and is an official update to our Q2 2023 report.

Over 100,000 websites fell victim to a recent web supply chain attack through the Polyfill JavaScript library. This incident underscores significant vulnerabilities in third-party script integration across the web. This article covers what Polyfill does, why it’s now a threat, and the steps you should take if your website relies on it.

Learn about the basics of employee experience, including how technology influences employee satisfaction and the need to enhance digital workspaces to create happier, more productive teams.