API security in the cloud presents challenges for organizations, but implementing best practices such as robust authentication and encryption protocols can mitigate risks and protect data and systems.
The US Department of the Treasury has sanctioned Ekaterina Zhdanova, a Russian businesswoman, for her alleged involvement in money laundering activities, including assisting the Ryuk ransomware group in laundering stolen funds and facilitating cross-border transactions to help Russian individuals bypass international sanctions and gain access to Western financial markets.
SecuriDropper, a newly discovered dropper-as-a-service for Android, exploits a vulnerability in Android’s “Restricted Settings” feature, enabling it to bypass Google’s security measures and deliver malware.
Kinsing, a threat actor known for adaptive attack strategies, is actively exploiting the Looney Tunables Linux privilege escalation vulnerability in a new campaign targeting cloud environments, marking the first documented instance of this exploit being used.
Ace Hardware is currently experiencing a cyberattack that has disrupted their ability to accept online orders and has raised concerns about potential phishing attacks on retailers.
Hackers gained unauthorized access to Okta’s support system, compromising a service account and stealing session tokens, leading to session hijacking attacks against five customers. Okta has taken steps to address the issue and protect affected customers, but this incident highlights the need for proper security measures and the importance of not accessing personal accounts on company devices.
