Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering

Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. [TechWeb]( Follow Dark Reading: [RSS]( July 19, 2023 LATEST SECURITY NEWS & COMMENTARY [Google Cloud Build Flaw Enables Privilege Escalation, Code Tampering]( Google's fix to the Bad.Build flaw only partially addresses the issue, say security researchers who discovered it. [FIN8 Modifies 'Sardonic' Backdoor to Deliver BlackCat Ransomware]( The cybercrime group has given its backdoor malware a facelift in an attempt to evade detection, making some bug fixes and setting itself up to deliver its latest crimeware toy, BlackCat. [Attackers Pummel Millions of Websites via Critical WooCommerce Payments Flaw]( A barrage of targeted attacks against vulnerable installations peaked at 1.3 million against 157,000 sites over the weekend, aimed at unauthenticated code execution. [Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge]( Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies. [Pernicious Rootkits Pose Growing Blight On Threat Landscape]( Attackers show renewed relentlessness in exploiting OS vulnerabilities that also circumvent defense and detection measures. [VirusTotal Data Leak Affects 5K+ Users]( Some of the users who were impacted include the US Department of Justice, the NSA, and the FBI, alongside German intelligence agencies. [Hacker Infected & Foiled by Own Infostealer]( A prolific threat actor has been operating on Russian-language forums since 2020, but then he accidentally infected his own computer and sold off its contents to threat researchers. [Linux Ransomware Poses Significant Threat to Critical Infrastructure]( Organizations running Linux distributions need to prepare to defend their systems against ransomware attacks. Steps to ensure resiliency and basics such as access control reduce major disruptions. [Name That Toon: Shark Sighting]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [AWS Cloud Credential Stealing Campaign Spreads to Azure, Google Cloud]( The TeamTNT threat actor appears to be setting the stage for broader cloud worm attacks, researchers say. [If George Washington Had a TikTok, What Would His Password Be?]( Artificial intelligence can be tricked into making password-based authentication even weaker. [Microsoft 'Logging Tax' Hinders Incident Response, Experts Warn]( A recent email compromise by Chinese APT group Storm-0558 highlights a lack of access to security logging by many Microsoft 365 license holders, prompting calls from researchers to abolish it. [MORE]( EDITORS' CHOICE [5 Major Takeaways From Microsoft's July Patch Tuesday]( July's updates contained 100+ patches and security policy notes, leaving vulnerability management teams stressed and scrambling to prioritize. We're here to help find some zen. LATEST FROM DR TECHNOLOGY [Microsoft Takes Security Copilot AI Assistant to the Next Level]( The company's AI for security operations centers continues to add integrations, as the industry looks to large language models for progress. LATEST FROM THE EDGE [10 Features an API Security Service Needs to Offer]( Securing APIs is specialized work. Here's what organizations should look for when selecting an outside partner. LATEST FROM DR GLOBAL [APT35 Develops Mac Bespoke Malware]( Iran-linked APT35 group crafted specific Mac malware when targeting a member of the media with new tools to add backdoors. WEBINARS - [State of DDoS: Mid-Year Threat Report]( Killnet, REvil and Anonymous Sudan - it's been a busy quarter in the DDoS realm. Threat actor groups have been targeting Western organizations in an attempt to disrupt our way of life. If you're finding it hard to keep track ... - [Finding a Backup Strategy That Works For You]( You've been hit with a ransomware, DDoS, natural disaster, or destructive cyberattack. One of the first questions: can we get our data back? Good back-ups are key to business continuity and disaster recovery, but backing up your data in preparation ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Cybersecurity Leaders Report Reduction in Disruptive Cyber Incidents With MSS/MDR Solutions]( [Hackers Say Generative AI Unlikely to Replace Human Cybersecurity Skills According to Bugcrowd Survey]( [Console & Associates, P.C. Investigates HCA Healthcare After Report of Data Breach Affecting an Estimated 11M Patients]( [Facebook and Microsoft are the Most Impersonated Brands in Phishing Attacks]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How to Use Threat Intelligence to Mitigate Third-Party Risk]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)