New Study Finds That IT Overload and Security Concerns Remain Major Barriers to Timely Data Access and Decision-Making
https://www.cdata.com/company/press/missing-link-for-it-study-2024/
Software company CData reported that 68% of IT workers feel overwhelmed by the number of technical resources that are required to access the data they need to work, and 81% believe other employees at their organization feel the same. The report found that increasing data requests overwhelm IT teams, but security concerns hinder their ability to provide employees with access to timely data, and the majority of Ops professionals feel that they are prohibited from accessing the data they need to make quick business decisions, which can lead to bad practices that impact the business’s ability to quickly grow revenue and improve operational efficiency.
The top three challenges preventing IT employees at organizations from most effectively providing other teams with relevant data include:
1. security controls around data (61%),
2. limited access to operational data itself (47%) and
3. challenges to data sharing (46%).
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
https://www.securityweek.com/microsoft-says-russian-gov-hackers-stole-email-data-from-senior-execs/
The Redmond, Wash. software giant said the APT group, known as Midnight Blizzard/Nobelium, used a password spray attack to compromise a legacy non-production test tenant account and gain a foothold, and then used the account’s permissions to access a tiny percentage of Microsoft corporate email accounts.
“[They] exfiltrated some emails and attached documents,” Microsoft said in a filing with the Securities and Exchange Commission (SEC).
The company said its security team detected the nation-state attack on its corporate systems on January 12, 2024, and traced the infection back to November 2023.
The company said members of its senior leadership team were among the victims. It noted that the hackers initially targeted email accounts for information related to Redmond’s knowledge of the APT operation.
This event underscores the importance of robust cybersecurity measures, especially for high-ranking officials who may be targeted for their access to sensitive information. It’s a reminder that even large, tech-savvy corporations are not immune to cyber-attacks.
Malicious npm Packages Used to Target GitHub Developer SSH Keys
https://www.infosecurity-magazine.com/news/npm-packages-target-github-ssh-keys/
Security researchers have discovered two malicious packages on the npm open source package manager that used GitHub to store stolen Base64-encrypted SSH keys from developer systems. The packages, named warbeast2000 and kodiak2k, have been removed from npm. The attack trend involves cybercriminals exploiting open source package managers for malicious software supply chain campaigns, with a reported 1300% increase in malicious packages between 2020 and the end of 2023. Both packages exhibited malicious behavior, with warbeast2000 uploading stolen SSH keys to a GitHub repository, and kodiak2k having additional functionalities, including invoking the Mimikatz hacking tool. ReversingLabs warned of the threat to SSH keys, potentially compromising GitHub repositories and proprietary code. Despite limited impact, concerns arise about malicious actors increasingly relying on open source software and platforms like GitHub for hosting components of malicious command-and-control infrastructure. The advisory recommends developers conduct security assessments before incorporating software from package managers.
https://www.securityweek.com/apple-ships-ios-17-3-warns-of-webkit-zero-day-exploitation/
iOS 17.3 and Sonoma 14.3 had fixed at least 16 vulnerabilities that would end up exposing Apple users to code execution, denial of service and data exposure attacks. No technical details were released, but the Cupertino company called attention to some defects that had already been exploited in some zero-day attacks. If you process maliciously crafted web content, it could lead to arbitrary code execution. A person can be affected by this by clicking on a link on the internet that is designed to harm their device. One way to get this fixed would be to contact Apple support with your problem and what you have experienced.
The news describes a significant data breach at Xfinity, affecting approximately 36 million customers. The breach, resulting from a vulnerability in Citrix software used by Xfinity, led to unauthorized access to internal systems. Personal information such as usernames, hashed passwords, and potentially other sensitive data like contact details and partial Social Security numbers were compromised. Xfinity has advised customers to reset their passwords and enable two-factor authentication for added security.
https://www.usatoday.com/story/tech/2023/12/20/xfinity-data-breach-comcast-hack/71982101007/
The article explores “Spire,” software created by Johns Hopkins University to safeguard the U.S. power grid against cyberattacks. After being tested in Hawaii, Spire demonstrated its ability to withstand hacking attempts, raising hopes for maintaining power grid operations in the face of cyber threats. This software is a part of initiatives to enhance the security of national infrastructure.
https://hub.jhu.edu/2018/02/21/hacker-resistant-software-hawaii-power-grid/
https://www.securityweek.com/sandwich-chain-subway-investigating-ransomware-groups-claims/
Subway is conducting an investigation following a claim by the LockBit ransomware group that they successfully hacked into the company’s systems and accessed extensive information. The cybercriminals announced on Subway’s website that they extracted data from their internal system, containing substantial amounts of financial data such as employee salaries, franchise royalty payments, and restaurant turnovers. The group threatens to sell the information to competitors if a ransom is not paid by Subway before February 2. Subway, with around 20,000 global locations and over 400,000 employees, is currently assessing the validity of the claim, and the incident highlights the ongoing challenges posed by ransomware attacks on large organizations.