The threat actor behind the malware-as-a-service (MaaS) called Eternity has been linked to new piece of malware called LilithBot. "It has advanced capabilities to be used as a miner, stealer, and a clipper along with its persistence mechanisms," Zscaler ThreatLabz researchers Shatak Jain and Aditya Sharma said in a Wednesday report. "The group has been continuously enhancing … [Read more...] about Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals
Service
Product Spotlight: Logz.io Service Performance Monitoring
We believe that one of the most powerful capabilities added to the Logz.io Observability Platform in recent months is our new Service Performance Monitoring (SPM) feature set. As you may have seen earlier this year, Logz.io was named a Visionary in the 2022 Gartner® Magic Quadrant(™) for Application Performance Monitoring and Observability. To that end, SPM is a cornerstone for … [Read more...] about Product Spotlight: Logz.io Service Performance Monitoring
New ‘FabricScape’ Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access. It … [Read more...] about New ‘FabricScape’ Bug in Microsoft Azure Service Fabric Impacts Linux Workloads
Researchers Uncover Ways to Break the Encryption of ‘MEGA’ Cloud Storage Service
A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data. In a paper titled "MEGA: Malleable Encryption Goes Awry," the researchers point out how MEGA's system does not protect its users against a malicious server, … [Read more...] about Researchers Uncover Ways to Break the Encryption of ‘MEGA’ Cloud Storage Service
Announcing Service Performance Monitoring in Early Access
Today, we’re thrilled to announce the early access of our Service Performance Monitoring capability.As today’s DevOps teams know all too well, monitoring application requests in modern microservices architectures is extremely difficult. Requests typically travel across a vast ecosystem of microservices and, as a result, it is often a significant challenge to pinpoint a specific … [Read more...] about Announcing Service Performance Monitoring in Early Access
North Korean Hackers Using Windows Update Service to Infect PCs with Malware
The notorious Lazarus Group actor has been observed mounting a new campaign that makes use of the Windows Update service to execute its malicious payload, expanding the arsenal of living-off-the-land (LotL) techniques leveraged by the APT group to further its objectives. The Lazarus Group, also known as APT38, Hidden Cobra, Whois Hacking Team, and Zinc, is the moniker assigned … [Read more...] about North Korean Hackers Using Windows Update Service to Infect PCs with Malware
Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides
Cybersecurity researchers have disclosed multiple vulnerabilities in a third-party driver software developed by Eltima that have been "unwittingly inherited" by cloud desktop solutions like Amazon Workspaces, Accops, and NoMachine and could provide attackers a path to perform an array of malicious activities. "These vulnerabilities allow attackers to escalate privileges … [Read more...] about Eltima SDK Contain Multiple Vulnerabilities Affecting Several Cloud Service Provides
Apple’s New iCloud Private Relay Service Leaks Users’ Real IP Addresses
A new as-yet unpatched weakness in Apple's iCloud Private Relay feature could be circumvented to leak users' true IP addresses from iOS devices running the latest version of the operating system. Introduced with iOS 15, which was officially released this week, iCloud Private Relay aims to improve anonymity on the web by employing a dual-hop architecture that effectively shields … [Read more...] about Apple’s New iCloud Private Relay Service Leaks Users’ Real IP Addresses
India’s Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks
Koo, India's homegrown Twitter clone, recently patched a serious security vulnerability that could have been exploited to execute arbitrary JavaScript code against hundreds of thousands of its users, spreading the attack across the platform. The vulnerability involves a stored cross-site scripting flaw (also known as persistent XSS) in Koo's web application that allows … [Read more...] about India’s Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks
Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs
As cyber incidents increase in scope and impact, more and more organizations come to realize that outsourcing their defenses is the best practice—significantly increasing the Managed Security Service Provider (MSSP) market opportunities.Until recently, IT integrators, VARs, and MSPs haven't participated in the growing and profitable MSSP market as it entailed massive … [Read more...] about Cynet Empowers IT Resellers and Service Providers to Become Fully Qualified MSSPs