Tag AWS

October 22, 2024

New “ALBeast” Misconfiguration Reveals Vulnerabilities in AWS Application Load Balancer

Recent investigations have uncovered a significant cybersecurity vulnerability affecting approximately 15,000 applications that utilize Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication purposes. This configuration issue could enable malicious actors to bypass access controls, thereby compromising the security of these applications. The research, conducted by the Israeli cybersecurity…

October 16, 2024

Data Breach May Compromise Information of Millions from Booking.com and Expedia

Data Breach Exposes Millions of Hotel Customers’ Sensitive Information A significant data breach at Prestige Software, a provider of hotel reservation systems, has potentially compromised the sensitive information of millions of hotel customers. The breach was uncovered by cybersecurity research firm Website Planet, which reported that the company’s Cloud Hospitality…

October 16, 2024

THN Cybersecurity Highlights: Key Threats and Trends (Sept 30 – Oct 6)

Cybersecurity Weekly Recap: Takedowns, DDoS Attacks, and Emerging Threats The realm of cybersecurity continues to evolve with alarming speed, as evidenced by the latest developments in the threat landscape. One significant topic this week is the prevalence of "pig butchering" scams, alongside impactful government interventions and a staggering array of…

October 15, 2024

Cisco Probes Data Breach Following Sale Announcement on BreachForums

A prominent data leaker has claimed to have successfully infiltrated Cisco, a leading networking technology firm, and exfiltrated sensitive company data. This discovery has prompted Cisco to initiate an investigation into the incident. Earlier this week, a cybercriminal operating under the alias IntelBroker took to BreachForums, a well-known hacking marketplace,…

October 15, 2024

Intel Broker Alleges Cisco Data Breach, Peddling Stolen Information from Leading Companies

Major Data Breach Allegedly Targets Cisco Systems: Intel Broker Claims Responsibility Intel Broker, a notorious figure in the realm of cybercrime, has asserted that he successfully breached Cisco Systems, Inc., resulting in the theft of a significant trove of sensitive data, including source codes, confidential documents, and various credentials. The…

October 13, 2024

Getting Started with CTEM: A Beginner’s Guide When You’re Uncertain

Understanding Continuous Threat Exposure Management (CTEM): A Comprehensive Overview Continuous Threat Exposure Management (CTEM) provides a strategic framework designed to help organizations continually evaluate and manage cyber risks. This approach deconstructs the intricate process of addressing security threats into five clear stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each stage…

October 11, 2024

Identity at Risk: Tackling the National Public Data Breach

Identity Under Siege: Analyzing the National Public Data Breach In a significant cybersecurity incident, recent reports have indicated that cybercriminals have compromised 277 gigabytes of sensitive data, claiming to have accessed records belonging to approximately 2.9 billion individuals from a source identified as National Public Data. This alarming data breach…

October 1, 2024

Analyzing AD CS Vulnerabilities: Key Insights for Information Security Professionals

The Hidden Threat of Active Directory Certificate Services Vulnerabilities In the ever-evolving landscape of cybersecurity, vulnerabilities are discovered at an alarming pace, challenging organizations to keep their defenses up-to-date. Among these threats lies a particularly insidious issue: vulnerabilities within Active Directory Certificate Services (AD CS). These vulnerabilities, often understated, pose…