Major Canadian multinational shoe retailer Aldo has minimized the impact of a recent intrusion claimed by the LockBit ransomware gang, which it said targeted one of its franchise partners but did not affect operations following immediate containment, according to The Record, a news site by cybersecurity firm Recorded Future.
None of the endpoint detection and response solutions from Microsoft, SentinelOne, CrowdStrike, Cybereason, and Palo Alto Networks were able to detect or prevent eight new process injection techniques, dubbed "Pool Party," that use Windows thread pools to execute malicious code, reports SecurityWeek.
SiliconAngle reports that threat actors could exploit Microsoft's Dynamic Host Configuration Protocol DNS Dynamic Updates functionality to facilitate the spoofing of Active Directory DNS records without additional user authentication.
Modern CPUs, including current AMD processors as well as upcoming offerings from Arm, AMD, and Intel with support for the Top Byte Ignore, Upper Access Ignore, and Linear Address Masking hardware-based security features, are at risk of a new side-channel attack dubbed "Spectre based on a Linear Masking" or SLAM, according to SecurityWeek.
SecurityWeek reports that while all 23 U.S. federal agencies have worked to integrate the Cybersecurity and Infrastructure Security Agency's vulnerability and incident response playbook into their incident response plans and have commenced incident response software deployment, only three agencies had completed the implementation of event logging requirements by August.
Defense industry organizations in South Korea had data concerning anti-aircraft weapon systems exfiltrated by North Korean state-sponsored threat operation Andariel, a sub-cluster of Lazarus Group, reports The Record, a news site by cybersecurity firm Recorded Future.
At least 30 organizations across 14 countries, most of which are part of NATO, and a NATO Rapid Deployable Corps have been targeted by Russian state-sponsored threat operation APT28, also known as Fancy Bear, Fighting Ursa, and Sofacy, in attacks involving the exploitation of a Microsoft Outlook vulnerability, tracked as CVE-2023-23397, during the past 20 months, reports BleepingComputer.