#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Positive Technologies | Breaking Cybersecurity News | The Hacker News

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

Dec 25, 2023 Cyber Espionage / Malware
The threat actor referred to as  Cloud Atlas  has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a  report  from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at least 2014, is a cyber espionage group of unknown origin. Also called Clean Ursa, Inception, Oxygen, and Red October, the threat actor is known for its persistent campaigns targeting Russia, Belarus, Azerbaijan, Turkey, and Slovenia. In December 2022, Check Point and Positive Technologies  detailed  multi-stage attack sequences that led to the deployment of a PowerShell-based backdoor referred to as PowerShower as well as DLL payloads capable of communicating with an actor-controlled server. The starting point is a phishing message bearing a lure document that exploits  CVE-2017-11882 , a six-year-ol
Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

Aug 01, 2023 Cyber Attack / Malware
The threat actor known as  Space Pirates  has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential information, but the group has expanded its interests and the geography of its attacks," Positive Technologies  said  in a deep dive report published last week. Targets comprise government agencies, educational institutions, private security companies, aerospace manufacturers, agricultural producers, defense, energy, and healthcare firms in Russia and Serbia. Space Pirates was  first exposed  by the Russian cybersecurity company in May 2022, highlighting its attacks on the aerospace sector in the nation. The group, believed to be active since at least late 2019, has links to another adversary tracked by Symantec as  Webworm . Positive Technologies' analysis of the attack inf
6 Ways to Simplify SaaS Identity Governance

6 Ways to Simplify SaaS Identity Governance

Feb 21, 2024SaaS Security / Identity Management
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can't possibly become experts in the nuances of the native security settings and access controls for hundreds (or thousands) of apps. And, even if they could, the sheer volume of tasks would easily bury them. Modern IT teams need a way to orchestrate and govern SaaS identity governance by engaging the application owners in the business who are most familiar with how the tool is used, and who needs what type of access.  Nudge Security is a  SaaS security and governance solution  that can help you do just that, with automated workflows to save time and make the process manageable at scale. Read on to learn how it works. 1 . Discover all SaaS apps used b
Cybersecurity Resources