David Strom


Latest from David Strom

LockBit malware group still at large, now using Citrix Bleed tactics

The malware group behind the LockBit ransomware attacks has gotten even more sophisticated. Australian cybersecurity officials, the FBI and the Cybersecurity and Infrastructure Security Agency on Tuesday jointly released a security advisory on how the group is exploiting the CitrixBleed vulnerability. The group isn’t the only one using this issue, which compromises various Citrix load balancing and ...

Phobos ransomware group steps up its game

The 8Base ransomware group, the criminals behind the Phobos malware, continues to advance its tactics and is branching out into selling ransomware-as-a-service, according to a new report Friday from Cisco Talos Intelligence. In June, SiliconANGLE wrote about the group’s summer exploits from a VMware Inc. report. Phobos-based attacks have been observed since 2018 and it ...

Ransomware attacks now come with SEC breach complaints

In what could be called the ultimate hubris, the ALPHV/BlackCat ransomware group this week filed a U.S. Securities and Exchange Commission complaint. It’s certainly a unique way to increase the trouble generated by one of its attacks. The complaint, which is described in detail in yesterday’s post on Bleeping Computer by Ionut Ilascu, charges one ...

Wiz adds AI security to its cloud protection line

Wiz Inc. today announced new artificial intelligence-related extensions to the modules in its cloud-native application protection platform line of products. CNAPP tools combine a variety of defensive mechanisms to protect access controls, secure source code pipelines, harden authentication and encryption tasks, and remediate threats. The company points out the problem with what it calls “shadow AI,” ...

Broad collection of security products announced at Microsoft Ignite

Microsoft today announced a raft of security features that include substantive enhancements to its existing products and services at its Ignite conference in Seattle and online. The news integrates more than 50 different feature sets into six general product lines, offering both completely new products as well as enhancements to existing ones, as shown below. ...

SecureAuth’s Arculix gets new identity orchestration features

SecureAuth Corp. today announced a major upgrade to its identity management software Arculix, with new features that include improvements to its authentication orchestration and integrations to Citrix and Microsoft’s Entra identity products to enable more automated authentication processes. Orchestration is no small feature enhancement. It’s the heart and soul of identity management. Setting up the ...

Palo Alto Networks adds new AI-related security features to its Cortex line

Palo Alto Networks Inc. today added new artificial intelligence-related security features to its Cortex security automation and intelligence product line — the key word being “automation,” especially when it comes to finding and stopping threats and exploits. The average time to discover and contain an incident is five and a half days, according to the company. ...

New spam exploit vector abuses Google Forms’ quizzes

Yet another way for spammers to worm their way into systems was uncovered Thursday by the researchers at Cisco Systems Inc.’s Talos Intelligence blog. This time, it’s an exploit that involves abusing the quiz results feature of Google Forms. It is both clever and dastardly — clever, because the exploit is subtle and complicated. It ...

Kubernetes security remains a big challenge for enterprise developers

As enterprise software containers become ever more critical to running applications easily across clouds, securing them has become a mounting problem. And as more workloads move onto these containers, using the container cluster management software Kubernetes, they require better tools, more specialized knowledge of their potential exploits, and more automated techniques that are still being ...

Application interfaces become more popular for authorization security exploits

Application programming interfaces are critical to provide levels of system access permissions for particular groups of users, but they also present a big problem: Authorization using APIs provides a convenient backdoor for potential attacks, not to mention that APIs can become brittle and consume hours to debug and fix. That’s why API authorization is getting a ...