"Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue"

"Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue"

According to the application security company Miggo, about 15,000 apps that use Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication may be vulnerable to attacks. The attacks dubbed "ALBeast" stem from a critical configuration issue, not a vulnerability in the AWS ALB solution. AWS was informed of the possible risks in April, and since then, it has updated its documentation and added new code to help prevent ALBeast attacks. This article continues to discuss the vulnerability of thousands of apps using AWS ALB to ALBeast attacks.

Submitted by Gregory Rigby on

"New MoonPeak RAT Linked to North Korean Threat Group UAT-5394"

"New MoonPeak RAT Linked to North Korean Threat Group UAT-5394"

"MoonPeak," a newly discovered Remote Access Trojan (RAT) family, has been linked to the North Korean threat group "UAT-5394." Cisco Talos research shows that this sophisticated malware, based on the open source "XenoRAT," is actively being developed to avoid detection and improve functionality.

Submitted by Gregory Rigby on

2024 National Cybersecurity Education Colloquium

Submitted by Amy Karns on

Join us for the 2024 National Cybersecurity Education Colloquium (NCEC) in St. Louis, Missouri from October 7-10, 2024. The main goal is to tackle the increasing need for cybersecurity education, training, and workforce development in the nation. Please be aware that ELF participation is by invitation only and subject to approval. Reserve your spot by registering now! The registration deadline is September 17, 2024, at 11:59 p.m. ET.

 

2024 Rowdy Datathon

Submitted by Amy Karns on

The Rowdy Datathon is a weekend-long, overnight event focused on data science where students can network, learn about data science, code, and collaborate! Team up with other students to tackle a data science challenge for a chance to win prizes!

Attend workshops, mini events, socials, and network! Attendance is FREE and all meals, snacks, and drinks are provided. We welcome students from all disciplines, backgrounds, and technical levels!

"Arden Claims Service Reports Data Breach, 139,000 Affected"

"Arden Claims Service Reports Data Breach, 139,000 Affected"

Class action litigation claims administration firm Arden Claims Service recently started notifying about 139,000 individuals that their personal information was stolen during an October 2023 data breach.  The incident was discovered on October 17, when the firm noticed unusual activity in an email account.  During an investigation, the company found that  a third party “acquired certain data without authorization on or about October 3”.

Submitted by Adam Ekwall on

"Most Ransomware Attacks Now Happen at Night"

"Most Ransomware Attacks Now Happen at Night"

According to security researchers at Malwarebytes, most ransomware attacks now occur between 1 am and 5 am to catch cybersecurity teams off guard.  To compound the challenge for network defenders, the researchers claimed it takes less time than ever to complete the entire ransomware attack chain, from initial access to encryption.  The researchers noted that it used to take weeks to work through all these steps to conduct a successful ransomware attack, but now it takes only hours.

Submitted by Adam Ekwall on

"Healthcare Hit by a Fifth of Ransomware Incidents"

"Healthcare Hit by a Fifth of Ransomware Incidents"

According to security researchers at Barracuda Networks, more than a fifth (21%) of ransomware attacks targeted healthcare in the past 12 months, up from 18% in the previous year.  The researchers analyzed 200 reported ransomware incidents from August 2023 to July 2024 during the new study.  The researchers also found that local government municipalities are also a highly targeted sector, at 17%.  Ransomware incidents affecting the education sector fell from 18% in 2022-23 to 9% in 2023-24.

Submitted by Adam Ekwall on

"Computer Scientists Discover Vulnerabilities in a Popular Security Protocol"

"Computer Scientists Discover Vulnerabilities in a Popular Security Protocol"

The Remote Authentication Dial-In User Service (RADIUS) protocol, a widely used security protocol dating back to the days of dial-up Internet, has been found to contain vulnerabilities that leave many networked devices exposed to an attack and enable an adversary to gain control of traffic on an organization's network.

Submitted by Gregory Rigby on

Hacks & Hops

"Hacks & Hops is an information security event series hosted by FRSecure.  A far cry from your average IT conference, Hacks & Hops features engaging talks from industry-leading experts, bringing security professionals together to learn and network over food and craft brews."

"Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks"

"Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks"

According to Abnormal Security, threat actors are using popular file-hosting or e-signature solutions to trick victims into revealing private information or downloading malware. A file-sharing phishing attack involves a cybercriminal posing as a familiar colleague, file-hosting solution, or e-signature solution and sending a malicious email with a link to what seems to be a shared file or document. Clicking on the link starts the second phase of the attack, which may involve stealing login credentials or infecting the target's device with malware.

Submitted by Gregory Rigby on
Subscribe to