More threat actors have been using a free browser automation framework in deploying attacks, according to The Hacker News. Various features within the framework could be leveraged for malicious activities, a report from Team Cymru researchers revealed.
"The technical entry bar for the framework is purposefully kept low, which has served to create an active community of content developers and contributors, with actors in the underground economy advertising their time for the creation of bespoke tooling," researchers wrote. The report also showed that Bablosoft, which developed the Browser Automation Studio, had its downloads subdomain connected to the command-and-control IP addresses of the RedLine Stealer, BlackGuard, and Bumblebee malware strains, prompting researchers to believe that the Bablosoft subdomain connections are being used by various malware operators for post-exploitation activities.
"Based on the number of actors already utilizing tools offered on the Bablosoft website, we can only expect to see BAS becoming a more common element of the threat actor's toolkit," added researchers.
Only 3% of organizations around the world were reported to be completely ready to deal with increasingly sophisticated cybersecurity threats, including ransomware attacks and supply chain intrusions, reports SiliconAngle.
Severely lacking military coordination and recruitment for U.S. cybersecurity efforts have prompted the Foundation for Defense of Democracies to urge Congress to immediately advance an independent Cyber Force that would ensure the country's cyber defense readiness, according to The Record, a news site by cybersecurity firm Recorded Future.
Nearly 17,000 internet-exposed Microsoft Exchange servers across Germany were confirmed by the country's Federal Office for Information Security, or BSI, to have significant security issues, reports BleepingComputer.