SoS Musings - Jumping the Air Gap in Security
By grigby1
By krahal
The world seems to spin faster. Within a few weeks we have enjoyed a rare solar eclipse and a visit by auroras, and Mother Nature has also sent tornadoes. The cyber world in tech turns just as quickly, and perhaps faster. The challenge is embracing and expanding the good while controlling the bad.
A new campaign targets Brazilian banks with "AllaSenha," a custom variant of the Windows-based "AllaKore" Remote Access Trojan (RAT). According to the cybersecurity company HarfangLab, the malware uses Microsoft Azure cloud infrastructure for Command-and-Control (C2). The attack begins with a malicious Windows shortcut (LNK) file, hosted on a WebDAV server and disguised as a PDF document. This article continues to discuss findings regarding the new AllaKore RAT variant.
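The lure in that chain relies on a shortcut that looks like a document. Windows Explorer never displays the .lnk extension, so a file named invoice.pdf.lnk is shown as invoice.pdf, while the file's header still declares it a Shell Link. The following script, an added example with constructed fixtures rather than HarfangLab's tooling or the actual AllaSenha sample, flags files whose name presents as a PDF but whose first 20 bytes are a [MS-SHLLINK] ShellLinkHeader; the fixture contents and threshold of 20 bytes are assumptions made here.

```python
"""Spot Windows shortcut (.lnk) files dressed up as PDFs by comparing the name a
file presents with the format its header actually declares.
Added example with constructed bytes; not HarfangLab's code or the real sample."""
import os

# [MS-SHLLINK] ShellLinkHeader: HeaderSize 0x0000004C (little-endian) followed by
# LinkCLSID {00021401-0000-0000-C000-000000000046} in on-disk GUID byte order.
LNK_HEADER_SIZE = b"\x4c\x00\x00\x00"
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")
PDF_MAGIC = b"%PDF-"


def file_kind(head: bytes) -> str:
    """Classify by magic bytes; only the first 20 bytes of the file are needed."""
    if head[:4] == LNK_HEADER_SIZE and head[4:20] == LNK_CLSID:
        return "lnk"
    if head.startswith(PDF_MAGIC):
        return "pdf"
    return "other"


def presents_as_pdf(name: str) -> bool:
    """True if any extension-looking part of the name is 'pdf'. Explorer hides
    .lnk regardless of the 'hide extensions' setting, so 'invoice.pdf.lnk' and
    'invoice.pdf<spaces>.lnk' both display as 'invoice.pdf'."""
    parts = name.lower().split(".")
    return any(p.strip() == "pdf" for p in parts[1:])


def classify(name: str, head: bytes) -> str:
    """'suspicious' when the name says PDF but the header says Shell Link."""
    kind = file_kind(head)
    if kind == "lnk" and presents_as_pdf(name):
        return "suspicious"
    return kind


def scan_dir(path: str) -> list:
    """Return (filename, verdict) pairs for every regular file directly under path."""
    results = []
    for entry in os.scandir(path):
        if entry.is_file(follow_symlinks=False):
            with open(entry.path, "rb") as fh:
                results.append((entry.name, classify(entry.name, fh.read(20))))
    return results


if __name__ == "__main__":
    import tempfile
    # Constructed fixtures (assumption): a PDF header and a minimal LNK header.
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, "report.pdf"), "wb") as f:
            f.write(b"%PDF-1.7\n")
        with open(os.path.join(tmp, "invoice.pdf.lnk"), "wb") as f:
            f.write(LNK_HEADER_SIZE + LNK_CLSID + b"\x00" * 56)
        for name, verdict in sorted(scan_dir(tmp)):
            print(f"{name:20s} {verdict}")
```

Run it against a downloads or mail-attachment folder; the magic-byte check is what matters, since the name alone is exactly what the lure controls.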
Security researchers at Patchstack recently conducted a security audit of the Slider Revolution plugin and uncovered two significant vulnerabilities that could compromise the security of WordPress websites. Slider Revolution is a widely used premium plugin with over 9 million active users. It was found to have an unauthenticated stored Cross-Site Scripting (XSS) vulnerability. This flaw could allow unauthorized users to steal sensitive information and escalate privileges on WordPress sites with a single HTTP request.
Okta, a leading Identity and Access Management (IAM) company, warns that since April, credential stuffing attacks have targeted a Customer Identity Cloud (CIC) feature. In credential stuffing, threat actors take large lists of usernames and passwords stolen in earlier data breaches or by malware and replay them against other services to break into accounts whose owners reused those credentials. Okta found credential stuffing attacks targeting endpoints that use CIC's Cross-Origin Resource Sharing (CORS) feature. This article continues to discuss the credential stuffing attacks targeting Okta's CORS feature.
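Whatever endpoint is being hit, credential stuffing leaves a recognizable shape in authentication logs: one source tries many distinct usernames in a short window, almost all of them fail, and the rare success is the attacker's payoff. The detector below is an added example, not Okta's own detection logic; the JSON field names, the constructed log lines and the thresholds (five distinct users in five minutes with at least 80 percent failures) are assumptions chosen here and should be tuned to the environment.

```python
"""Flag credential-stuffing sources in authentication logs: one IP, many distinct
usernames, mostly failures, inside a sliding time window.
Added example over constructed log lines; not Okta's detection logic."""
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (assumption: field names ts/ip/user/result).
SAMPLE_LOG = """
{"ts": "2024-05-28T10:00:01Z", "ip": "203.0.113.7", "user": "alice", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:03Z", "ip": "203.0.113.7", "user": "bob", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:04Z", "ip": "203.0.113.7", "user": "carol", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:06Z", "ip": "203.0.113.7", "user": "dave", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:09Z", "ip": "203.0.113.7", "user": "erin", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:11Z", "ip": "203.0.113.7", "user": "frank", "result": "SUCCESS"}
{"ts": "2024-05-28T10:00:02Z", "ip": "198.51.100.20", "user": "alice", "result": "FAILURE"}
{"ts": "2024-05-28T10:00:40Z", "ip": "198.51.100.20", "user": "alice", "result": "SUCCESS"}
"""


def parse(text: str) -> list:
    """Parse one JSON event per line into dicts with a datetime 'ts'."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        event = json.loads(line)
        event["ts"] = datetime.strptime(event["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(event)
    return events


def find_stuffing(events: list, window: timedelta = timedelta(minutes=5),
                  min_users: int = 5, min_fail_ratio: float = 0.8) -> dict:
    """Return {ip: stats} for each source whose activity in some window of
    'window' length covers at least min_users distinct usernames with a failure
    ratio of at least min_fail_ratio. A single user retrying a bad password
    never trips this, because the distinct-user count stays at one."""
    by_ip = defaultdict(list)
    for event in sorted(events, key=lambda e: e["ts"]):
        by_ip[event["ip"]].append(event)

    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            # Advance the window's left edge so it spans at most 'window'.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            win = evs[start:end + 1]
            users = {e["user"] for e in win}
            failures = sum(1 for e in win if e["result"] == "FAILURE")
            if len(users) >= min_users and failures / len(win) >= min_fail_ratio:
                # Successful logins from a stuffing source are the accounts the
                # attacker now holds: reset those, do not just block the IP.
                hits = sorted({e["user"] for e in evs if e["result"] == "SUCCESS"})
                alerts[ip] = {"distinct_users": len(users), "attempts": len(win),
                              "failures": failures, "successful_logins": hits}
                break
    return alerts


if __name__ == "__main__":
    for ip, stats in find_stuffing(parse(SAMPLE_LOG)).items():
        print(ip, stats)
```

On the constructed input, 203.0.113.7 is flagged after five distinct failing usernames, and the report lists frank as the account the attacker got into; 198.51.100.20, a single user mistyping once, is not flagged. In production the same logic runs over a streaming log rather than a string, and the window and thresholds are set from a baseline of normal traffic.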
Sonatype has disclosed the malicious PyPI package "Pytoileur," which is designed to download and install trojanized Windows binaries capable of surveillance, establishing persistence, and stealing cryptocurrency. The package is part of the "Cool package" campaign, an initiative to infiltrate the coding community. The recently published "Pytoileur" package was detected by an automated malware detection system operated by Sonatype. It had been downloaded 264 times since its release before Sonatype notified PyPI administrators, who removed it.
According to a report from Cado Security, current incident response is too time-consuming and manual, leaving organizations exposed to cyber threats. Enterprises are rapidly deploying cloud and container-based technologies and adopting multi-cloud strategies, which complicates incident response. Incident response is crucial to organizations, but the report found widespread shortcomings that leave them vulnerable to delays in incident resolution and to regulatory noncompliance. Ninety percent of organizations reported suffering damage before they could contain and investigate an incident.