AGS Cyber

TeamViewer, a leading provider of remote access and control software, has confirmed a cyber breach within its internal corporate IT environment, which was detected on 26th June 2024. https://lnkd.in/eSu7waEd Although TeamViewer asserts that this breach is isolated from their product environment, thereby not impacting customer data, the incident has drawn significant attention due to the potential involvement of APT29, also known as Cozy Bear. This has also raised concerns about the exploitation of remote access tools by sophisticated threat actors, prompting TeamViewer to activate its response team and initiate thorough investigations and remediation efforts. The incident highlights the critical need for robust cybersecurity measures and rapid response protocols. Organizations should take several proactive steps to counter similar cyber breaches: - Enhance Monitoring: Implement continuous monitoring of network traffic and remote access tools to detect irregularities early. - Incident Response Plan: Develop and regularly update an incident response plan that includes procedures for containment, eradication, and recovery from cyber-attacks. - Access Controls: Strengthen access controls by using multi-factor authentication and limiting access to sensitive systems and data. - Employee Training: Conduct regular cybersecurity training to educate employees about phishing and other common attack vectors. - Threat Intelligence Sharing: Engage with industry information sharing and analysis centers (ISACs) to stay informed about emerging threats and share intelligence. - Regular Audits: Perform regular security audits and vulnerability assessments to identify and mitigate potential weaknesses. - Patch Management: Ensure timely application of security patches and updates to all software and systems. Contact us AGS Cyber and learn more on what your organizations can do to counter cyber breaches. 📧 contact@agscyber.com 🌍 www.agscyber.com #cybercareers #cybersecurity #cybernews #cyberawareness #cyberattacks #cyberbreaches #accesscontrol #incidentresponse #defensivesecurity #SOCmonitoring #vulnerabilitymanagement

This article from The Hacker News looks at the challenges enterprises face to stay ahead of threat actors in the ever dominating world of SaaS market adoption. The article emphasizes the importance of robust SaaS security hygiene, continuous monitoring of machine identities, and adopting Zero Trust architecture to mitigate these risks. Real-world examples, such as the Scattered Spider/Starfraud attacks, illustrate these concepts. Full article here - Need help building your cybersecurity team? Reach out to AGS Cyber today! contact@agscyber.com #cyberjobs #cybercareers #cyberawareness

👾 Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake 👾 Hackers who stole terabytes of data from Ticketmaster and other Snowflake customers claim they accessed some accounts by breaching a contractor, EPAM Systems, a Belarusian-founded firm. This breach potentially impacted 165 customer accounts, though only a few have been identified, including Santander and Ticketmaster. The hackers, known as ShinyHunters, used data from an EPAM employee system to access Snowflake accounts. They reportedly infected an EPAM worker's computer in Ukraine with info-stealer malware, gaining access to unencrypted usernames and passwords stored in a project management tool. This allowed them to infiltrate Snowflake accounts lacking multifactor authentication (MFA), leaving the victims vulnerable to attacks. EPAM denies involvement, suggesting the hacker's claims are fabricated. However, evidence includes EPAM credentials and internal URLs pointing to Ticketmaster's Snowflake account. Mandiant, a Google-owned security firm, confirmed that hackers used old data from info-stealers to access Snowflake accounts, with about 80% of victims compromised using previously stolen credentials. The breach serves as a stark reminder of the risks associated with third-party contractors and the pressing need for robust security measures, such as MFA. Snowflake is now diligently working on implementing MFA for its customers to significantly enhance account security. AGS Cyber takes cybersecurity seriously, considering each organization's unique needs. Contact us to inquire about our services - contact@agscyber.com https://lnkd.in/ezMzy4dR #cybercareers #cyberattacks #cyberdefence #hackers

📣 SonicWall experienced a data leak of 22GB of logs from a prototype environment, discovered by the Cybernews research team. https://lnkd.in/evxxDC65 The leak involved a publicly exposed instance of Elasticsearch containing activity logs for development and quality assurance, without identifiable customer information but including some employee names and emails. SonicWall quickly resolved the issue and confirmed no impact on their products, services, or customer data. The incident highlights the importance to implement robust access control measures and ensure continuous monitoring of internal systems. Here are some specific steps to take: 1. Strengthen Access Controls via IP Whitelisting, Multi-Factor Authentication (MFA) and reviewing permissions regularly 2. Enhance Monitoring and Discoverability by deploying Intrusion Detection Systems (IDS), Log Monitoring and Analysis, and setting up automated alerts 3. Conduct Regular Security Audits like Internal and External Audits and Penetration Testing 4. Employee Training and Awareness 5. Data Segregation and Environment Isolation, and Data Masking By taking these steps, companies can better protect their systems and data from potential breaches, even in the event of accidental exposures or security oversights. We AGS Cyber provide exceptional Cybersecurity professionals to protect your organization from data breaches. Let's chat! 📧 contact@agscyber.com 🌐 https://lnkd.in/e9UcSUBp #cybercareers #cybersecurity #cyberawareness #threathunting #pentesting #threatmonitoring #databreach #accesscontrol #intrusiondetection

😴 So....how many wake up calls until anybody wakes up? ⏰ Last week’s ransomware attack on Synnovis is a stark wake-up call for all UK essential services. The breach, which has disrupted key London hospitals, underscores the critical need for substantial investment in robust cyber defenses across healthcare. 📰 Full article read here; https://lnkd.in/efypUyxq 📣 Don't get caught sleeping on your cybersecurity. Get in touch today to discuss how AGS Cyber can help reinforce your defenses. contact@agscyber.com https://lnkd.in/eJYy3bhV #cyberjobs #cybercareers #cyberawareness

I think it's fair to say we could all use a break from Apple jumping on the AI bandwagon, so let's address the elephant in the room... 🐘 With 49% of the world's population voting across 64 countries, 2024 is the "election year," especially in the USA and the EU. The rise of Artificial Intelligence (AI), notably ChatGPT, will significantly impact these elections. Positive Uses of AI in Elections: • Voter Management: AI streamlines registration and verification, preventing duplicate registrations and ensuring data accuracy, as seen with the USA's Electronic Registration Information Center (ERIC). • Signature Matching: AI matches mail-in ballot signatures with records, replacing manual methods and saving time. • AI Chatbots: Election offices use AI chatbots to answer voter questions 24/7, provide accurate information, and eliminate language barriers. • Voter Education: AI helps create and translate voting guides, making instructions accessible to non-English speakers. • Campaign Strategies: Candidates use AI to generate content, analyze social media trends, and target voter groups with personalized messages. Risks of AI in Elections: • AI Hallucinations: Chatbots may give inaccurate information, as seen with Microsoft's Bing AI during recent elections. • Bias in Training Data: AI systems trained on biased data can make disproportionate decisions, affecting voter verification. • Adversarial Attacks: AI systems are vulnerable to data poisoning and model extraction attacks, which can compromise voting outcomes. Deepfakes pose a threat by spreading false information about candidates. AI enhances efficiency, security, and transparency but also introduces risks. Looking for AI or Cybersecurity talent for your organization? We AGS Cyber can help; feel free to contact me ☕ https://lnkd.in/ee2V9fXu 📧 contact@agscyber.com 🌍 www.agscyber.com #AI #artificialintelligence #appleintelligence #cybersecurity #cyberthreat #cyberattacks #threatmonitoring

This post type is slightly different this week, but it's a good reminder that DEI isn't just a quota. Diversity and inclusion can contribute to overall success when adequately understood and supported. Neurodiversity in Cybersecurity: Broadening Perspectives, Offering Inclusivity Neurodiversity is crucial in IT security, bringing unique perspectives and skills for identifying and mitigating threats. Neurodivergent (ND) individuals think outside the box, spotting vulnerabilities and detecting malicious activities in ways neurotypical individuals might miss. Unique Problem-Solving Approaches ND individuals excel in data analysis and trend identification. Their unique problem-solving methods often outperform traditional linear approaches, providing clearer insights into complex security threats. Clear Job Postings and Inclusive Interviews Clear, jargon-free job postings and inclusive interview processes attract ND candidates. Offering alternative interview formats and avoiding mandatory eye contact can make the process more accommodating. Creating supportive workplaces that address ND individuals' unique challenges is essential. As awareness grows, more organizations recognize the value ND employees bring to cybersecurity. Changes benefiting ND employees, like clear communication and unambiguous directions, improve workplace efficiency. The Future is Neurodiverse With proper support and investment, neurodiversity will become integral to cybersecurity. ND individuals excel with the appropriate support, transforming into top performers. Understanding employees' strengths before setting expectations is critical to unlocking their full potential for the benefit of the entire organization. Looking for great talent? Contact us to find out how AGS can help. contact@agscyber.com https://lnkd.in/eBhE8-Qz #cybersecurity #cybercareers #inclusivity #neurodivergent

Hackers have targeted Python developers by uploading a fake package called "crytic-compilers" to the PyPI repository, designed to steal information using the Lumma malware. This malicious package mimics the legitimate "crytic-compile" library and aligns its version numbers to appear as a newer release. It installs genuine components in some versions but executes a malicious payload on Windows systems to download additional malware. The incident highlights the increasing exploitation of open-source registries by threat actors for distributing malware Read the full article here - https://lnkd.in/dpJKSyCP Need help building your cybersecurity team? Get in touch today - www.agscyber.com #cyberjobs #cybercareers #cyberawareness

TikTok recently faced a zero-click security issue allowing threat actors to take over high-profile accounts via malware sent through direct messages. While TikTok has implemented preventive measures and is assisting affected users, this incident underscores ongoing vulnerabilities in the platform, which has faced multiple security challenges in recent years. In light of this security breach, it's clear that even a sophisticated platform can fall prey to cyber threats. We AGS Cyber specializes in providing high-quality cyber professionals to safeguard your company's online presence. Let us help you stay one step ahead of cybercriminals and ensure your digital assets are protected. 📧 contact@agscyber.com 🌐 www.agscyber.com https://lnkd.in/d9eRrGRy #cybersecurity #cybernews #cyberawareness #cyberattack #cyberthreats #vulnerabilitymanagement #incidentresponse #malware

👾Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users👾 Cybersecurity researchers have discovered a malicious npm package, glup-debugger-log, designed to deploy a remote access trojan (RAT) on compromised systems. The package, masquerading as a logger for gulp toolkit users, has been downloaded 175 times. Phylum, the security firm that identified the package, found it contained two obfuscated files that work together to deliver the malware. The initial file checks for certain conditions before downloading additional components, targeting active developer machines. It verifies network interfaces, specific Windows operating systems (Windows NT), and seven or more items in the Desktop folder. If the package successfully passes all checks, it launches a second JavaScript file, 'play-safe.js'. This file establishes persistence and executes commands from a URL or local file. It sets up an HTTP server on port 3004, ready to listen for and execute incoming commands, and sends responses back as plaintext. Phylum noted the RAT's minimal functionality, self-contained nature, and heavy obfuscation, highlighting the evolving sophistication of open-source malware. Looking to protect your organisation? Ask me how AGS Cyber can help. Contact me at: contact@agscyber.com https://lnkd.in/dVQtrwmm #cybercareers #cyberattacks #cybercrime