Stealing user credentials with evilginx
A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope
Similar Posts
Beware the Hidden Risk in Your Entra Environment
Bys sIf you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them. All the guest…
China-Linked PlugX and Bookworm Malware Attacks Target Asian Telecom and ASEAN Networks
Bys sTelecommunications and manufacturing sectors in Central and South Asian countries have emerged as the target of an ongoing campaign distributing a new variant of a known malware called PlugX (aka Korplug or SOGU). “The new variant’s features overlap with both the RainyDay and Turian backdoors, including abuse of the same legitimate applications for DLL side-loading,…
Oracle Health breach compromises patient data at US hospitals
Bys sOracle Health is becoming this year’s poster child for how NOT to respond to an incident. Lawrence Abrams reports: A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. Oracle Health has not yet publicly disclosed the incident, but in private communications sent to…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]
Bys sAs the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that…
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Bys sSecurity experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks…
The Hidden Risks of Information Disclosure: A Costly Lesson from Cornwall
Bys sJoseph J. Lazzarotti of JacksonLewis writes: When Royal Cornwall Hospital responded to a routine Freedom of Information request in 2023, they had no idea they were about to expose sensitive staff data to the public. The hospital recently apologized after discovering that a spreadsheet published on their website contained hidden sickness absence data for 8,100 current and……