Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware. “Discord is evolving its approach to attachment CDN URLs in order to create a safer and more secure experience for users. In particular, this will help our safety team restrict access to flagged content, and generally reduce the amount of malware distributed using our CDN,” Discord told BleepingComputer.
Identity and authentication management provider Okta on Friday published an autopsy report on a recent breach that gave hackers administrative access to the Okta accounts of some of its customers. While the postmortem emphasizes the transgressions of an employee logging into a personal Google account on a work device, the biggest contributing factor was something the company understated: a badly configured service account.
Microsoft has had a rough few years of cybersecurity incidents. It found itself at the center of the SolarWinds attack nearly three years ago, one of the most sophisticated cybersecurity attacks we’ve ever seen. Then, 30,000 organizations’ email servers were hacked in 2021 thanks to a Microsoft Exchange Server flaw. If that weren’t enough already, Chinese hackers breached US government emails via a Microsoft cloud exploit earlier this year.
Apple’s “Find My” location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards. The Find My network and application is designed to help users locate lost or misplaced Apple devices, including iPhones, iPads, Macs, Apple Watches, AirPods, and Apple Tags. The service relies on GPS and Bluetooth data crowd-sourced from millions of Apple devices worldwide to find devices reported as lost or stolen, even if those are offline.
A distributed denial-of-service (DDoS) attack has been identified as the cause of an online service outage that affected several public healthcare institutions in Singapore. And the attacks are continuing, according to national healthtech agency Synapxe, which is responsible for the IT operations that support the country’s public healthcare network. This network encompasses 46 public healthcare institutions, such as hospitals and polyclinics, and 1,400 community partners that include nursing homes and general practitioners.
A proxy botnet called ‘Socks5Systemz’ has been infecting computers worldwide via the ‘PrivateLoader’ and ‘Amadey’ malware loaders, currently counting 10,000 infected devices. The malware infects computers and turns them into traffic-forwarding proxies for malicious, illegal, or anonymous traffic. It sells this service to subscribers who pay between $1 and $140 per day in crypto to access it. Socks5Systemz is detailed in a report by BitSight that clarifies that the proxy botnet has been around since at least 2016 but has remained relatively under the radar until recently.