Like many companies, Dropbox has been experimenting with large language models (LLMs) as a potential backend for product and research initiatives. As interest in leveraging LLMs has increased in recent months, the Dropbox Security team has been advising on measures to harden internal Dropbox infrastructure for secure usage in accordance with our AI principles. In particular, we’ve been working to mitigate abuse of potential LLM-powered products and features via user-controlled input.
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.
Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).
By researching Azure AD Connect components, Sygnia was able to discover several attack vectors for extracting Connector credentials and domain users’ NT hashes, while avoiding common security solutions.
Reptile is an open-source kernel module rootkit that targets Linux systems and is publicly available on GitHub. [1] Rootkits are malware that possess the capability to conceal themselves or other malware. They primarily target files, processes, and network communications for their concealment. Reptile’s concealment capabilities include not only its own kernel module but also files, directories, file contents, processes, and network traffic. Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse...
A researcher at Tenable has discovered an issue that enables limited, unauthorized access to cross-tenant applications and sensitive data (including but not limited to authentication secrets). Background: The issue occurred as a result of insufficient access control to Azure Function hosts, which are launched as part of the creation and operation of custom connectors in Microsoft’s Power Platform (Power Apps, Power Automation).
Last week, Senator Ron Wyden sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Justice and the Federal Trade Commission (FTC) asking that they hold Microsoft accountable for a repeated pattern of negligent cybersecurity practices, which has enabled Chine
Russian state-sponsored hackers posed as technical support staff on Microsoft Teams to compromise dozens of global organizations, including government agencies.
Let's have a look at the threats brought by the introduction of the .zip TLD.
The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques
Tomcat Vulnerability: explore some of the techniques used by the Mirai botnet to exploit a single attack directed at one of our Apache Tomcat honeypots.
AhnLab Security Emergency response Center (ASEC) has confirmed the distribution of malware in the form of a batch file (*.bat). This malware is designed to download various scripts based on the anti-malware process, including AhnLab products, installed in the user’s environment. Based on the function names used by the malware and the downloaded URL parameters, it is suspected to have been distributed by the Kimsuky group.
Crimeware actors have launched an extensive campaign to target macOS users with malware disguised in multiple fake blockchain games.
Wiz Research discovers CVE-2023-2640 & CVE-2023-32629, 2 privilege escalation vulnerabilities in Ubuntu's OverlayFS module impacting 40% of cloud workloads.