"Paris 2024 Olympics Face Escalating Cyber Threats"

Cybersecurity analysts at FortiGuard Labs have warned of a significant uptick in cyber threats targeting the upcoming Paris 2024 Olympics. The researchers noted that cybercriminals have been intensifying their efforts for more than a year, gearing up with sophisticated tools and tactics aimed at exploiting the global event.  The researchers said there was a substantial surge in darknet activity, with an 80-90% increase observed between the second half of 2023 and the first half of 2024.  The researchers say they saw a huge increase in phishing kits tailored for the Olympics.

Submitted by Adam Ekwall on

"Email Addresses of 15 million Trello Users Leaked on Hacking Forum"

A threat actor recently released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.  Trello is an online project management tool owned by Atlassian.  Businesses commonly use it to organize data and tasks into boards, cards, and lists.  In January, a threat actor known as "emo" was selling profiles for 15,115,516 Trello members on a popular hacking forum.  The leaked data includes email addresses and public Trello account information, including the user's full name.

Submitted by Adam Ekwall on

"Are Mass Layoffs and Data Breaches Connected? Binghamton University Researchers Have a Theory"

A research team led by faculty from Binghamton University's School of Management (SOM), in collaboration with scholars from Vietnam National University and Liverpool John Moores University, has been investigating whether there is a link between mass layoffs and data breaches. According to the study, layoffs increase stress or job insecurity for employees, making them more likely to engage in risky behaviors that leave their company vulnerable to data breaches. This article continues to discuss findings from the study "The Impacts of Layoffs Announcement on Cybersecurity Breaches."

Submitted by Gregory Rigby on

"MHTML Exploited By APT Group Void Banshee"

Researchers have found a critical Remote Code Execution (RCE) vulnerability in the MHTML protocol handler, which the Advanced Persistent Threat (APT) group "Void Banshee" exploited. The APT group exploited the flaw in a sophisticated attack chain to steal sensitive data and achieve financial gain. This article continues to discuss findings regarding the exploitation of a critical RCE flaw within the MHTML protocol handler by the Void Banshee APT group.

Submitted by Gregory Rigby on

"Hackers Exploit Flaw in Squarespace Migration to Hijack Domains"

Hackers have compromised multiple domain names registered with Squarespace, leaving several cryptocurrency platforms scrambling to regain control of their Domain Name System (DNS) records. The recent attacks impacted domains transferred to Squarespace after the domain registrar acquired domain registrations and customers from Google Domains in 2023. This article continues to discuss the exploitation of a flaw to hijack cryptocurrency domains migrated from Google Domains to Squarespace.

Submitted by Gregory Rigby on

"Organizations Warned of Exploited GeoServer Vulnerability"

The US cybersecurity agency CISA recently urged federal agencies to patch a critical-severity vulnerability in GeoServer as soon as possible, warning of evidence of active exploitation. The bug is tracked as CVE-2024-36401 (CVSS score of 9.8) and is described as the unsafe evaluation of property names as XPath expressions, which could allow unauthenticated attackers to execute code remotely through crafted input against a default GeoServer installation.

Submitted by Adam Ekwall on

"Hacktivists Claim Leak Over 1 Terabyte of Disney Data"

A hacktivist group recently claimed to have stolen and leaked over a terabyte of data from Disney's internal Slack channels. The 1.1 terabytes of data includes a complete 10,000-channel data dump that encompasses files, messages, unreleased projects, raw images, and code. The group also claims to have stolen some logins, links to internal API/web pages, and more. Disney has confirmed to BBC that it is now investigating the hack. The attacker, NullBulge, claims to be a hacktivist group protecting artists' rights and ensuring fair compensation for their work.

Submitted by Adam Ekwall on

New Security Paradigms Workshop (NCSW 2024)

Submitted by Amy Karns on

The New Security Paradigms Workshop (NSPW) is an annual, small invitation-only workshop for researchers in information security and related disciplines. NSPW's focus is on work that challenges the dominant approaches and perspectives in computer security. In the past, such challenges have taken the form of critiques of existing practice as well as novel, sometimes controversial, and often immature approaches to defending computer systems.

33rd USENIX Security Symposium

Submitted by Amy Karns on

The 33rd USENIX Security Symposium will take place on August 14–16, 2024, at the Philadelphia Marriott Downtown in Philadelphia, PA, USA. The USENIX Security Symposium brings together researchers, practitioners, system programmers, and others interested in the latest advances in the security and privacy of computer systems and networks.

"3 API Security Risks and Recommendations for Mitigation"

Reconnaissance is one of the most time-consuming parts of network attack planning for adversaries. As Application Programming Interfaces (APIs) are exposed to the public, attackers spend less time finding attack vectors into the API's network, making APIs an easier target for breaches. If poorly designed, APIs can increase a network's attack surface and cause serious security issues. Since microservice architectures are increasingly replacing monolithic software architectures, APIs are more common than ever.

Submitted by Gregory Rigby on