brangberg – Page 769

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account.
“If executed at scale, this attack could be used to gain access to thousands of accounts,” Datadog Security Labs researcher Seth Art said in a report

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers.
The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source repository hosted on GitHub that’s associated with a profile named “

Author: brangberg

New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution

Lazarus Group Deploys Marstech1 JavaScript Implant in Targeted Developer Attacks

SonicWall firewall bug targeted in attacks after PoC exploit release

SonicWall firewall bug leveraged in attacks after PoC exploit release

Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems

Malicious PirateFi game infects Steam users with Vidar malware

Sean Cairncross is Trump Nominee for National Cyber Director

PostgreSQL flaw exploited as zero-day in BeyondTrust breach

Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition

Meta Paid Out Over $2.3 Million in Bug Bounties in 2024