For providers

A sophisticated cyberattack campaign is targeting organizations that still rely on Active Directory Federation Services (ADFS) for authentication across applications and services.

Included in the records purportedly exfiltrated from Trump Hotel's guest reservation reminder/verification service were individuals' names, email addresses, communication dates, and other sampling details collected between January 2018 and January 2025.

Such a third-party breach not only led to the exposure of individuals' names, phone numbers, and email addresses, but also the exfiltration of some customers' partial credit card details and legacy systems' hashed credentials, said Grubhub in a statement.

Aside from the Banshee, CloudChat, PyStealer, and Poseidon payloads that focus on cryptocurrency wallet theft, Macs have also been subjected to attacks with the NotLockBit ransomware and the North Korea-linked SpectralBlur implant, according to a report from Apple cybersecurity researcher Patrick Wardle.

Nearly 150 S3 buckets previously leveraged by cybersecurity firms, governments, Fortune 500 companies, and open source projects could be re-registered with the same AWS account name to facilitate executable and/or code injections in the deployment code/software update mechanism, according to an analysis from watchTowr Labs researchers.

This campaign primarily targets finance, accounting, and sales professionals, aiming to steal sensitive data.

Initial network appliance compromise and operation under root privileges will be verified before the deployment of the "libssdh.so" SSH library for data exfiltration and command-and-control communications and the "mainpasteheader" and "selfrecoverheader" binaries for persistence, an investigation from Fortinet FortiGuard Labs revealed.

Join the conversation with Adele Trombetta and see why she's excited about what Customer Experience has in store for Cisco Live EMEA this year in Amsterdam.

Wiz has dominated the cloud startup market for several years, but there are lesser-known startups that offer some very targeted cloud security products.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-53104 Linux Kernel Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.