Daily Cyber Brief
The UK is spending millions to increase Ukraine's cyber posture, Microsoft fixes a RCE flaw in Azure Cosmos, and Bed Bath & Beyond falls victim to a phishing attack...
Today’s Cyber Brief is brought to you by Farnsworth Forensics.
Cybersecurity
The UK is spending millions of pounds in strengthening Ukraine’s cyber defences, protecting the country’s critical infrastructure and public services against malicious attacks, the government has revealed. In response to a rising “tempo” of Russian cyber activity after…
A“rogue employee” who last week hacked the website of The New York Post and posted a number of racist, sexist and violent headlines, has described his actions as the result of an “emotional tantrum”. Speaking to The Daily Beast newsletter Confider, Miguel Gonzalez, 25…
Dropbox has said it was successfully phished, resulting in someone copying 130 of its private GitHub code repositories and swiping some of its secret API credentials. The cloud storage locker on Tuesday detailed the intrusion, and stated "no one's content, passwords, or…
While the risk to industrial control systems (ICS) and other operational technology (OT) environments continues to be high, organizations are increasingly confident in their ability to detect malicious activity, and only a small percentage of organizations admit suffering a…
Searching for 'GIMP' on Google as recently as last week would show visitors an ad for 'GIMP.org,' the official website of the well known graphics editor, GNU Image Manipulation Program. This ad would appear to be legitimate as it'd state 'GIMP.org' as the destination…
Bed Bath & Beyond revealed last week in an SEC filing that it recently suffered a data breach after an employee fell victim to a phishing attack. Only few details have been shared by the retailer as the investigation is ongoing. The company explained that it became aware of…
The Federal Trade Commission (FTC) this week announced that it has reached an agreement with education technology provider Chegg over the company’s cybersecurity failures leading to several data breaches. The Santa Clara, California-based company provides student services…
The research comes at a time of heightened risk and awareness of cybersecurity threats facing critical infrastructure providers, particularly in the industrial space. The 2021 ransomware attacks against Colonial Pipeline and meat supplier JBS USA raised considerable…
Attempts to reorganize supply chains to cut out China and foil its attempts to build a high-tech chip industry will be costly and may simply cause the Middle Kingdom to redouble its efforts, says memory maker Kioxia. The warning came in an interview [paywalled] with the…
Analysts at Orca Security have found a critical vulnerability affecting Azure Cosmos DB that allowed unauthenticated read and write access to containers. Named CosMiss, the security issue is in Azure Cosmos DB built-in Jupyter Notebooks that integrate into the Azure portal…