'Gold Melody' Access Broker Plays on Unpatched Servers' Strings

A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics. [TechWeb]( Follow Dark Reading: [RSS]( September 22, 2023 LATEST SECURITY NEWS & COMMENTARY ['Gold Melody' Access Broker Plays on Unpatched Servers' Strings]( A financially motivated threat actor uses known vulnerabilities, ordinary TTPs, and off-the-shelf tools to exploit the unprepared, highlighting the fact that many organizations still don't focus on the security basics. [MGM Restores Casino Operations 10 Days After Cyberattack]( The lost revenue due to downtime for gaming and hotel bookings is difficult to ballpark. [Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor]( The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler. [GitLab Users Advised to Update Against Critical Flaw Immediately]( The bug has a CVSS score of 9.6 and allows unauthorized users to compromise private repositories. [Cisco Moves Into SIEM With $28B Deal to Acquire Splunk]( Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets. [BBTok Banking Trojan Impersonates 40+ Banks to Hijack Victim Accounts]( Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware. [Hikvision Intercoms Allow Snooping on Neighbors]( The intercoms are used in thousands of apartments and offices across the world, and they can be used to spy on targets through the other devices they connect to. [T-Mobile Racks Up Third Consumer Data Exposure of 2023]( The mobile company states that the issue was due to a glitch that occurred in an update. [Mastering Defense-in-Depth and Data Security in the Cloud Era]( Though widely used in many organizations, the concept still requires adaptation when aimed at protecting against new types of attacks. [Understanding the Differences Between On-Premises and Cloud Cybersecurity]( The nature of cloud environments means security and technical teams need a different mindset to understand and manage their new attack surface. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [China-Linked Actor Taps Linux Backdoor in Forceful Espionage Campaign]( "SprySOCKS" melds features from multiple previously known badware and adds to the threat actor's growing malware arsenal, Trend Micro says. [How Choosing Authentication Is a Business-Critical Decision]( MFA may go a long way in improving password security, but it's not foolproof. [Changing Role of the CISO: A Holistic Approach Drives the Future]( The CISO's role has grown far beyond supervising Patch Tuesday to focus on prevention and response and to cover people, processes, and technology. [MORE]( EDITORS' CHOICE [FBI, CISA Issue Joint Warning on 'Snatch' Ransomware-as-a-Service]( The group's use of malware that forces Windows computers to reboot into Safe Mode before encrypting files is noteworthy, advisory says. LATEST FROM THE EDGE [What Does Socrates Have to Do With CPM?]( It's time to focus on the "P" in cybersecurity performance management. LATEST FROM DR TECHNOLOGY [Secure Browser Tech Is Having a Moment]( Cloud adoption is driving secure browsers' moment in the sun as rumors fly that Palo Alto Networks is looking to snap up Talon. LATEST FROM DR GLOBAL [Growing Chinese Tech Influence in Africa Spurs 'Soft Power' Concerns]( A working group is rolling out in developing parts of the world, in response to concerns about the amount of technology being rolled out and across Africa by Chinese companies. WEBINARS - [Securing Identities in the Cloud]( With enterprises increasingly shifting workloads to the cloud, they face different challenges including managing and securing user identities, as well as a web of machine identities. How do you map all of the identities that now reside in the cloud ... - [Tips for A Streamlined Transition to Zero Trust]( From identifying the potential attack surface to determining policy, there is a clear path to zero trust and best practices to make the transition as smooth as possible - both for your organization and your customers. Zero trust is more ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023]( - [Threat Intelligence: Data, People and Processes]( - [Essential SASE Must-haves]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [The State of Supply Chain Threats]( - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [OPSWAT-Sponsored SANS 2023 ICS/OT Cybersecurity Report Reveals Vital Priorities to Mitigate Ongoing Threats]( [Salvador Technologies Wins Funding for $2.2M Cybersecurity Project From BIRD Foundation]( [83% of IT Security Professionals Say Burnout Causes Data Breaches]( [Omdia Research Finds Risk-Based Vulnerability Management Set to Encompass the Vulnerability Management Market by 2027]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Passwords Are Passe: Next Gen Authentication Addresses Today's Threats]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=118322&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.22.23&sp_cid=49906&utm_content=DR_NL_Dark%20Reading%20Daily_09.22.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#86 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)