Cyber Bits · · 2 min read

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Cyber Bits: October 21

In this week's Cyber Bits, Internet Archive faces another breach, Microsoft sets up Azure tenant honeypots, ransomware attacks are using ESET's name, Microsoft may have lost some security logs, and North Korea is targeting companies looking for temporary IT workers.

Internet Archive breached again through stolen access tokens

Link: BleepingComputer

The Internet Archive experienced another data breach, this time due to stolen access tokens. This breach allowed unauthorized access to user accounts, further raising concerns about the organization's security practices. The tokens were used to access sensitive internal systems, but no evidence suggests user data was stolen. The Internet Archive is investigating the incident and has taken immediate steps to improve security measures and prevent future breaches.

Microsoft creates fake Azure tenants to pull phishers into honeypots

Link: BleepingComputer

Microsoft has initiated an innovative approach to combat phishing by creating fake Azure tenants to lure attackers into honeypots. These fake tenants are designed to attract phishing campaigns, allowing Microsoft to analyze their methods and gather intelligence on threat actors. This proactive defense strategy is part of Microsoft’s broader effort to safeguard its cloud services and users from increasingly sophisticated phishing attacks.

ESET-Branded Attack Targets Israel; Firm Denies Compromise

Link: DarkReading

A cyberattack disguised as an ESET-branded campaign has targeted Israel, deploying wiper malware to destroy data. Although the attackers used ESET's name and branding to lend credibility to their attack, ESET has denied any compromise or involvement. The attack highlights the dangers of using trusted brands to trick victims into downloading malicious software. Investigations are ongoing to identify the perpetrators and mitigate further risks.

Microsoft warns it lost some customer's security logs for a month

Link: BleepingComputer

Microsoft has notified customers that a subset of security logs was lost for approximately a month due to an internal system error. The missing logs affected the visibility of key security events for some users, potentially impacting their ability to detect and respond to threats. Microsoft is working on recovering the logs and has implemented measures to prevent similar issues in the future, apologizing for the inconvenience caused to its customers.

Undercover North Korean IT workers now steal data, extort employers

Link: BleepingComputer

North Korean IT workers, posing as freelancers, have been identified as part of a scheme to steal data and extort their employers. These undercover operatives take advantage of remote work opportunities to infiltrate companies, steal sensitive information, and in some cases, demand ransom payments. The U.S. government has issued warnings to businesses, urging them to be cautious when hiring freelance IT professionals from unverified sources, as this threat continues to grow.

Read next

Cyber Bits: November 25
Cyber Bits ·

Cyber Bits: November 25

Welcome to this week's edition of Cyber Bits, where we cover the latest in malware campaigns, advanced persistent threats, data breaches, vulnerabilities in enterprise systems from Fortinet and Palo Alto, and the economic impact of cyberattacks. Here's what you need to know this week:

Cyber Bits: October 14
Cyber Bits ·

Cyber Bits: October 14

In this weeks Cyber Bits, Microsoft deprecates VPN protocols, OpenAI confirms what everyone already knew about bad guys using ChatGPT for malware, SOC teams lament alert fatigue, qualified personnel gaps in cloud and cyber, and how to build cyber resilience for SMB's.