Okta, a leading Identity and Access Management (IAM) company, warns that since April, credential stuffing attacks have targeted a Customer Identity Cloud (CIC) feature. Credential stuffing attacks involve threat actors creating large lists of usernames and passwords stolen in data breaches or by malware to break into online accounts. Okta found credential stuffing attacks targeting endpoints utilizing CIC's Cross-Origin Resource Sharing (CORS) feature. This article continues to discuss the credential stuffing attacks targeting Okta's CORS feature.

Sonatype has disclosed the malicious PyPI package "Pytoileur," which is designed to download and install trojanized Windows binaries that are capable of surveillance, commandeering persistence, and stealing cryptocurrency. This package is part of the "Cool package" campaign, an initiative to infiltrate the coding community. The recently published PyPI package "Pytoileur" was detected by an automated malware detection system operated by Sonatype. It had been downloaded 264 times since its release before Sonatype notified PyPI administrators to remove it.

According to Cado Security, current incident response is too time-consuming and manual, leaving organizations vulnerable to cyber threats. Enterprises rapidly deploy cloud and container-based technologies and adopt a multi-cloud strategy, complicating incident response. Incident response is crucial to organizations, but the report found widespread shortcomings that leave them vulnerable to delays in incident resolution and regulatory noncompliance. Before containing and investigating, 90 percent of organizations suffer damage.

​First American Financial Corporation, the second-largest title insurance company in the United States, recently revealed that a December cyberattack led to a breach impacting 44,000 individuals.  On December 21, 2023, the company provided very few details regarding the nature of the incident and was forced to take some of its systems offline to contain the impact of the cyberattack.  Five months later, the title insurance provider disclosed in a filing with the U.S.

The Treasury Department recently announced sanctions against three Chinese nationals accused of creating and operating a botnet named 911 S5. The Treasury's Office of Foreign Assets Control (OFAC) has designated Yunhe Wang, Jingping Liu, and Yanni Zheng, as well as Spicy Code Company Limited, Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited, which are Thailand-based companies that are allegedly owned or controlled by Wang. According to the Department of Justice (DoJ), Wang was the primary administrator of 911 S5, while Liu was responsible for laundering cri

The Internet Archive has been hit with Distributed Denial-of-Service (DDoS) attacks. The non-profit research library offers free access to millions of historical documents, preserved websites, and media content. Since May 26, the site has received tens of thousands of fake information requests per second, forcing it offline intermittently for the past three days. The DDoS attacks have also impacted access to the Internet Archive Wayback Machine that preserves the history of over 866 billion web pages.

Microsoft reports that a new North Korean threat actor called "Moonstone Sleet" (formerly "Storm-1789") is attacking education, the Defense Industrial Base (DIB), Information Technology (IT) companies, and more to conduct espionage and generate revenue. Moonstone Sleet, a state-sponsored group, has become a well-resourced adversary by combining tactics, techniques, and procedures (TTPs) from other North Korean threat actors with its own. This article continues to discuss findings regarding Moonstone Sleet.

By aekwall 

The National Institute of Standards and Technology (NIST) is launching a Testing, Evaluation, Validation, and Verification (TEVV) program to improve understanding of Artificial Intelligence (AI) capabilities and impacts. The objective of the "Assessing Risks and Impacts of AI" (ARIA) program is to help organizations and individuals determine whether a specific AI technology will be valid, reliable, safe, secure, private, and fair upon deployment.

The US Treasury Department sanctioned three Chinese nationals and three Thailand-based companies linked to a botnet controlling a residential proxy service called "911 S5." About two years ago, researchers at the Canadian University of Sherbrooke discovered that this illegitimate residential proxy service offered free Virtual Private Network (VPN) services as a lure to install malware that adds potential victims' IP addresses to the 911 S5 botnet.