Saturday, July 20, 2024

Critical Memory Corruption In Cloud Logging Infrastructure Enables Code Execution Attack

Fluent Bit, a widely used open-source data collector and processor, has been found to have a major memory loss flaw.Many big cloud providers use...

New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers

Researchers have identified a new form of cyberattack termed "LLMjacking," which exploits stolen cloud credentials to hijack cloud-hosted large language models (LLMs).This sophisticated attack...

Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy

Kubernetes (K8s) is an open-source container orchestration platform designed to automate application container deployment, scaling, and running. Containers are isolated software packages that are lightweight...

Ahoi Attacks – New Attack Breaking VMs With Malicious Interrupts

Ahoy, which is often associated with communicating to ships, has now been playfully adopted in pirate language.We coin 'Ahoi,' an anagram of 'Iago,'...

DarkGate Malware Abusing Cloud Storage & SEO Following Delivery Over Teams

DarkGate loader delivery surged after the Qakbot takedown, with financially motivated actors like TA577 and ransomware groups (BianLian, Black Basta) using it to target...

Microsoft To Ban 50+ Products For Users In Russia

Softline Group, a major IT solutions provider, has confirmed the suspension of access to cloud products offered by Microsoft, Amazon, and Google for Russian...

Microsoft Notifies of Major Domain Change With Teams is Coming

In April 2023, Microsoft announced that it would be undertaking a multi-year effort to reduce domain fragmentation among authenticated, user-facing Microsoft 365 apps and services by...

CloudGrappler: Open Source Tool that Detects Hacking Activity

CloudGrappler is an innovative open-source tool designed to detect the presence of notorious threat actors in cloud environments.This tool is a beacon of...
NSP Top Ten Cloud Security Practices

NSA Releases Top Ten Best Practices For Cloud Environments

Threat actors aim at Cloud environments because of their wide acceptance and one-stop storage of important information. Exploiting shortcomings in cloud security may enable unauthorized...

New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

Threat actors engage in cyberespionage to gain the following advantages:-StrategicPoliticalEconomicMilitaryHackers do so by stealing the following key things from the targeted organizations or nations:-Confidential...

Managed WAF protection


Recent Articles