Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser. [TechWeb]( Follow Dark Reading: [RSS]( April 24, 2024 LATEST SECURITY NEWS & COMMENTARY [Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments]( An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser. [Russia's Fancy Bear Pummels Windows Print Spooler Bug]( The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America. [Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug]( Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month. [Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update]( The company reports most systems are functioning again but that analysis of the data affected will take months to complete. [US Gov Slaps Visa Restrictions on Spyware Honchos]( The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members. [Lessons for CISOs From OWASP's LLM Top 10]( It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [ToddyCat APT Is Stealing Data on 'Industrial Scale']( The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data. [Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar]( An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims' Microsoft credentials. [Where Hackers Find Your Weak Spots]( The five intelligence sources that power social engineering scams. [Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs]( State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices. [CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST]( SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up. [MORE]( PRODUCTS & RELEASES [CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills]( [Miggo Launches Application Detection and Response (ADR) Solution]( [Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [MITRE ATT&CKED: InfoSec's Most Trusted Name Falls to Ivanti Bugs]( The irony is lost on few, as a nation-state threat actor used eight MITRE techniques to breach MITRE itself — including exploiting the Ivanti bugs that attackers have been swarming on for months. LATEST FROM THE EDGE [5 Hard Truths About the State of Cloud Security 2024]( Dark Reading talks cloud security with John Kindervag, the godfather of zero trust. LATEST FROM DR TECHNOLOGY [For Service Accounts, Accountability Is Key to Security]( Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector. LATEST FROM DR GLOBAL [Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros]( Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns remain. WEBINARS - [Is AI Identifying Threats to Your Network?]( - [Securing Code in the Age of AI]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [How Enterprises Secure Their Applications]( - [Making Sense of Your Security Data: The 6 Hardest Problems]( - [The State of Incident Response]( - [Understanding Today's Threat Actors]( - [Use the 2023 MITRE ATT&CK Evaluation Results for Turla to Inform EDR Buying Decisions]( - [Demystifying Zero Trust in OT]( - [Causes and Consequences of IT and OT Convergence]( [View More White Papers >>]( FEATURED REPORTS - [Industrial Networks in the Age of Digitalization]( - [Zero-Trust Adoption Driven by Data Protection]( - [How Enterprises Assess Their Cyber-Risk]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=123027&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_04.24.24&sp_cid=53169&utm_content=DR_NL_Dark%20Reading%20Daily_04.24.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#f4 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)