Threat Landscape Briefing – November 2023
In this month’s briefing we explore:
- ServiceNow vulnerability exposes sensitive data (timestamp – 01:05)
- ServiceNow issued a fix for a misconfigured widget that exposes data after a researcher published a method unauthenticated attackers can use to steal an organization’s sensitive files.
- See Info-Tech’s Build a Zero Trust Roadmap.
- HTTP/2 Rapid Reset attacks mark the largest recorded DDoS attack in internet history (timestamp – 04:13)
- Large cloud service providers such as Google, AWS, and CloudFlare observed a series of distributed denial of service attacks facilitated by the exploitation of a weakness in the implementation of HTTP/2.
- See Info-Tech’s Define Your Cloud Vision.
- The Art of Concealment, what to know about the new Magecart campaign (timestamp – 07:23)
- The Akamai Security Intelligence Group has detected a new Magecart web skimming campaign that is targeting a large number of websites, including large organizations in the food and retail industries.
- See Info-Tech’s Embed Security Into the DevOps Pipeline.
- Hackers exploit zero-day on Cisco devices (timestamp – 11:11)
- Cisco issued an advisory warning on October 16 that hackers were actively exploiting a critical vulnerability in IOS XE, the software that operates its networking devices.
- See Info-Tech’s Implement Risk-Based Vulnerability Management.
- ToddyCat using spear phishing to deliver disposable malware in Asia (timestamp – 14:33)
- A malware campaign known as “Stayin’ Alive” is continuing to target Asian telecom and governmental organizations and is believed to be perpetrated by ToddyCat, a group linked to China.
- See Info-Tech’s Develop a Security Awareness and Training Program That Empowers End Users.
- WordPress sites targeted with backdoor malware disguised as a plugin (timestamp – 15:56)
- A new malware has been targeting WordPress websites by masquerading as a legitimate caching plugin.
- See Info-Tech’s Develop and Implement a Security Incident Management Program.
If you have a question or would like to receive these monthly briefings via email, submit a request here.