State-backed advanced persistent threat (APT) actors are likely among those who have been actively exploiting a recently found bug in a Zoho single sign-on and password management tool since early last month, according to the FBI, CISA, and the US Coast Guard Cyber Command (CGCYBER).

Because the Zoho ManageEngine ADSelfService Plus is a self-service password management and single sign-on (SSO) platform for Active Directory and cloud apps, any cyberattacker who gains control of the platform will have multiple pivot points into both mission-critical apps (and their sensitive data) and other parts of the corporate network via Active Directory. It is, in other words, a powerful, highly privileged application that may serve as an easy point-of-entry for both users and attackers into areas deep within an enterprise's footprint. <a style="color:red" href="https://threatpost.com/cisa-fbi-state-backed-apts-exploit-critical-zoho-bug/174768/">Read More</a>.

Since early August, a recently discovered problem in a Zoho single sign-on and password management product has been actively exploited.

large_Zoho_headquarters_in_chennai.jpg

medium_Zoho_headquarters_in_chennai.jpg

small_Zoho_headquarters_in_chennai.jpg

thumbnail_Zoho_headquarters_in_chennai.jpg

Zoho_headquarters_in_chennai.jpg

State-sponsored APTs may be exploiting a critical Zoho bug, according to CISA and the FBI

"The virus leverages modern address resolution techniques for command and control communications to bypass standard detection measures and virtual network access controls," Cado Labs researcher Matt Muir said of the malware, dubbed "Denonia" after the domain it interacts with.

On February 25, 2022, the item evaluated by the cybersecurity firm was published to the VirusTotal database under the name "python" and packed as a 64-bit ELF executable.

Amazon said in a statement to The Hacker News that "Lambda is safe by default, and AWS continues to work as planned," adding that customers who violate the company's acceptable usage policy (AUP) will be barred from utilizing its services. <a style="color:red" href="https://thehackernews.com/2022/04/first-malware-targeting-aws-lambda.html">Read More</a>

A first-of-its-kind malware targeting Amazon Web Services' (AWS) Lambda serverless computing platform has been discovered in the wild.

thumbnail_aws.jpg

aws.jpg

Malware aimed at the AWS Lambda Serverless Platform has been discovered for the first time.

According to a press release issued by VNTANA on Thursday, the connection would allow marketers to submit 3D models of their items to social media platforms and instantly transform them into commercials. 

'The move is a first step toward advertising in the metaverse, a future concept that refers to a collection of virtual worlds that can be accessed by various devices such as headsets.' VNTANA's CE Ashley Crowder added.

Crowder described the metaverse as "essentially the spatial internet." "Having the correct 3D models of your items opens up a new universe of possibilities."<a style="color:red" href="https://www.khaleejtimes.com/tech/3d-ads-come-to-facebook-instagram-in-step-toward-metaverse">Read More</a>

Through a new agreement with an e-commerce technology startup, Meta Platforms Inc will make it easier for marketers to run three-dimensional ads on Facebook and Instagram.

medium_meta.png

small_meta.png

thumbnail_meta.png

meta.png

In a move toward the metaverse, 3D adverts are now available on Facebook and Instagram.

The Threat Analysis Group (TAG) at Google has offered a unique insight inside the operations of a cybercriminal known as "Exotic Lily," who appears to be an initial-access broker for both the Conti and Diavol ransomware groups.

The group's business-like approach to brokering initial access into companies' networks using a variety of approaches, according to researchers, reveals the group's business-like approach to allowing its partners to engage in additional hostile behavior.

In the post, Google TAG researchers Vlad Stolyarov and Benoit Sevens said, "It's a full-time job." "These groups specialize in breaking into a target in order to open the doors — or the Windows — to the highest-bidding bad actor."<a style="color:red" href="https://threatpost.com/google-conti-diavol-ransomware-access-broker/178981/">Read More</a>

Exotic Lily, a full-time cybercriminal initial-access gang that utilizes phishing to penetrate businesses' networks for subsequent destructive behavior, has been discovered by researchers.

small_lily exotic.jpg

thumbnail_lily exotic.jpg

lily exotic.jpg

Conti, Diavol Ransomware Access-Broker Ops: Google Blows the Lid Off

In a tweet on Monday, Israel's National Cyber Directorate revealed that a denial-of-service (DDoS) assault against a telecoms provider had brought down many government and non-government websites. According to authorities, the hack was the greatest ever against Israel, prompting the Directorate to proclaim a state of emergency for a short time.

"Update: A [DDoS] assault has been spotted on a communications provider in the last few hours, which has resulted in access to a variety of sites, including government sites, being blocked for a brief period," the Cyber Israel account tweeted.

The webpages for the Israeli ministries of interior, health, justice, and welfare, as well as the Prime Minister's office, were taken down, according to Haaretz (services are now restored). The enormity of the attack, according to a source named by Haaretz as a member of the "defense establishment," could only have been carried out by a threat actor sponsored by a nation-state. <a style="color:red" href="https://threatpost.com/cyberattacks-israeli-government-sites-largest/178927/">Read More</a>

Government websites were taken down as a result of DDoS assaults against Israeli telecom firms, prompting a short state of emergency.

small_largest attack.jpg

thumbnail_largest attack.jpg

largest attack.jpg

'Largest in the Country's History' describes the Cyberattacks against Israeli Government Sites.

Technology advances at a breakneck pace, to the point that the phone in your pocket is millions of times more powerful than all of NASA's combined processing power in 1969, when two astronauts walked on the moon.

More devices become relics of the past as we continue to make advancements. We've compiled a list of 10 obsolete devices that you no longer require in this post.

1. Typewriters
2. Payphones
3. Photographic Films
4. Answering Machines
5. Pagers (Beepers)
6. Cassette Tape
7. Floppy Disks
8. Portable Music Players
9. CDs
10. DVD Players
<a style="color:red" href="https://www.makeuseof.com/tech-you-dont-need-anymore/">Read More</a>

The are ancient and out of use , and you should think about saving up that space.

Saudi Arabia

United Arab Emirates

Email

Recent Posts

State-sponsored APTs may be exploiting a critical Zoho bug, according to CISA and the FBI