Threat Landscape Briefing – October 2023
In this month’s briefing we explore:
- Cross-tenant impersonation attacks responsible for recent high-profile breaches (timestamp – 00:58)
- In early September, several customers of Okta’s IAM platform, were targeted in a sophisticated that allows threat attackers to leverage their foothold in one system to compromise another, allowing them to move laterally throughout an organization.
- See Info-Tech’s Assess and Govern Identity Security.
- Deadglyph, the modular malware you need to be aware of (timestamp – 04:26)
- A new and sophisticated backdoor malware named Deadglyph has been used in a cyberespionage attack against a government agency in the Middle East.
- See Info-Tech’s Implement Risk-Based Vulnerability Management.
- Router firmware manipulation: a rising threat (timestamp – 07:12)
- A sophisticated hacking group, BlackTech, is targeting organizations in the United States and Japan, according to a joint advisory from both countries.
- See Info-Tech’s Network Segmentation.
- Attackers targeting users through a fake password manager site (timestamp – 09:48)
- The malware known as ZenRAT, has been targeting Windows users by directing them to a fake website of Bitwarden, an open-source password management service.
- See Info-Tech’s Develop a Security Awareness and Training Program That Empowers End Users.
If you have a question or would like to receive these monthly briefings via email, submit a request here.