top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #107 - July 22, 2024

Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4

Source: Dark Reading

A security firm recently hired a software engineer for its internal AI team that turned out to be a North Korean threat actor, who immediately began loading malware to his company-issued workstation.




Critical ServiceNow RCE flaws actively exploited to steal credentials

Source: Bleeping Computer

Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. This malicious activity was reported by Resecurity, which, after monitoring it for a week, identified multiple victims, including government agencies, data centers, energy providers, and software development firms.




Cybercrooks Continue to Capitalize on CrowdStrike Outage

Source: Data Breach Today

Self-proclaimed hacktivist group USDoD appears the latest to mount a claim, posting Wednesday on a criminal forum a spreadsheet containing an "entire threat actor list" and promising to later publish "their entire IOC list," referring to indicators of compromise.




Breach Roundup: ICANN Warns .top Domain About Phishing

Source: Info Risk Today

The Chinese company managing the .top top-level domain has until mid-August to implement systems for handling phishing reports and suspending abusive domains, or it will lose its license, warned the Internet Corporation for Assigned Names and Numbers. The warning follows findings that .top was the second-most-common suffix in phishing websites last year, after .com.




Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins

Source: The Hacker News

Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.



112 views

Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page