1/12/24: CI/CD attacks, FBot, hacked X account...
Here are this week's security highlights:
New class of CI/CD attacks?
A newly disclosed class of CI/CD attacks could have allowed attackers to inject malicious code into the PyTorch repository, with the potential for a large-scale supply chain compromise. First detailed in December 2023, the technique targets GitHub repositories that have self-hosted runners attached and lets a threat actor execute arbitrary code on those runners without requiring maintainer approval.
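As an added example (not code from the original post or from the researchers who disclosed the technique), here is a small Python audit that flags the combination this attack class depends on: workflow jobs that an outside pull request can trigger and that land on self-hosted runners. The sample workflow, the set of untrusted triggers and the runner-label heuristic are all constructed for the example and should be tuned per organization; it also handles the PyYAML quirk that a bare `on:` key loads as the boolean `True`.

```python
"""Flag GitHub Actions jobs that run pull-request-triggered work on
self-hosted runners. Added example: the sample workflow is constructed,
and the trigger set and label heuristic are assumptions to tune per org."""
from typing import Any

# Events an outside contributor can fire from a fork (assumed set; extend as needed)
UNTRUSTED_TRIGGERS = {"pull_request", "pull_request_target"}

# Label prefixes of GitHub-hosted runners; anything else is treated as
# self-hosted (conservative: custom larger-runner names will be flagged too)
GITHUB_HOSTED_PREFIXES = ("ubuntu-", "windows-", "macos-")


def triggers(workflow: dict) -> set[str]:
    """Normalise the `on:` block to a set of event names.

    PyYAML (YAML 1.1) resolves a bare `on` key to the boolean True, so a
    workflow loaded with yaml.safe_load has its triggers under True, not "on".
    """
    on = workflow.get("on", workflow.get(True))
    if isinstance(on, str):
        return {on}
    if isinstance(on, (list, dict)):
        return {str(e) for e in on}
    return set()


def runner_labels(runs_on: Any) -> list[str]:
    """`runs-on` may be a string, a list of labels, or {group, labels}."""
    if isinstance(runs_on, str):
        return [runs_on]
    if isinstance(runs_on, list):
        return [str(x) for x in runs_on]
    if isinstance(runs_on, dict):
        labels = runs_on.get("labels", [])
        return [labels] if isinstance(labels, str) else [str(x) for x in labels]
    return []


def is_self_hosted(runs_on: Any) -> bool:
    """True if the job lands on a self-hosted runner or we cannot tell
    statically (expressions such as ${{ matrix.os }} are flagged for review)."""
    labels = runner_labels(runs_on)
    if not labels:
        return False  # no runs-on at all: invalid job, nothing to flag
    if "self-hosted" in labels:
        return True
    return not any(label.startswith(GITHUB_HOSTED_PREFIXES) for label in labels)


def risky_jobs(workflow: dict) -> list[tuple[str, list[str], list[str]]]:
    """(job_id, untrusted triggers, runner labels) for every exposed job."""
    exposed = sorted(triggers(workflow) & UNTRUSTED_TRIGGERS)
    if not exposed:
        return []
    return [
        (job_id, exposed, runner_labels(job.get("runs-on")))
        for job_id, job in (workflow.get("jobs") or {}).items()
        if is_self_hosted(job.get("runs-on"))
    ]


def load_workflow(path: str) -> dict:
    """Load a real workflow file (needs PyYAML; not used by the sample run)."""
    import yaml
    with open(path, encoding="utf-8") as fh:
        return yaml.safe_load(fh)


# Constructed sample, shaped exactly as yaml.safe_load would return it
SAMPLE_WORKFLOW = {
    "name": "ci",
    True: ["push", "pull_request"],
    "jobs": {
        "lint": {"runs-on": "ubuntu-latest", "steps": []},
        "gpu-tests": {"runs-on": ["self-hosted", "linux", "gpu"], "steps": []},
        "bench": {"runs-on": {"group": "perf", "labels": ["bench-box"]}, "steps": []},
    },
}

if __name__ == "__main__":
    for job_id, events, labels in risky_jobs(SAMPLE_WORKFLOW):
        print(f"{job_id}: triggered by {events}, runs on {labels}")
```

Run it over every file under `.github/workflows/` with `load_workflow`. A flagged job is not automatically exploitable, but it is the one to look at: the usual hardening is to keep fork-triggered jobs on GitHub-hosted runners, or to gate self-hosted jobs with a condition such as `if: github.event.pull_request.head.repo.full_name == github.repository`, and to run self-hosted runners as ephemeral, single-use machines so nothing persists between jobs.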
FBot hacking tool targeting cloud, payment platforms
Researchers have discovered a new Python-based hacking tool that cybercriminals are using against cloud and SaaS platforms and payment services, including AWS, Office 365, PayPal and Twilio. The tool, called FBot, harvests credentials and hijacks accounts. It shows cybercriminals' continued interest in cloud platforms as an attack vector, and researchers urge organizations to require MFA for AWS programmatic access to limit the impact of tools like this.
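As an added example (not code from the original post or the FBot research), here is a weak and an MFA-enforcing IAM identity policy, expressed as constructed Python dicts, with a static check for whether a policy's MFA deny actually covers requests signed with long-term access keys. The action lists are a minimal assumed set for illustration.

```python
"""Weak vs. MFA-enforcing IAM policy for programmatic access, with a static
check. Added example: the policy documents are constructed and the action
lists are an assumed minimal set, not taken from the FBot report."""
import json

# Weak: whoever holds the access key gets full use of the permissions
WEAK_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "sqs:*"], "Resource": "*"},
    ],
}

# Actions a user needs before an MFA session exists (assumed minimal set)
MFA_BOOTSTRAP = ["iam:ListMFADevices", "iam:GetUser", "sts:GetSessionToken"]

# Hardened: explicit Deny for everything else unless the request carries an
# MFA-backed session. BoolIfExists matters: a request signed with a long-term
# access key has no aws:MultiFactorAuthPresent key in its context at all, so
# a plain Bool condition would never match it and the Deny would not apply.
MFA_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "sqs:*"], "Resource": "*"},
        {"Effect": "Allow", "Action": MFA_BOOTSTRAP, "Resource": "*"},
        {
            "Sid": "DenyWithoutMFA",
            "Effect": "Deny",
            "NotAction": MFA_BOOTSTRAP,
            "Resource": "*",
            "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}},
        },
    ],
}

# Common mistake: looks like MFA enforcement, but leaves access keys untouched
BOOL_ONLY_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "sqs:*"], "Resource": "*"},
        {
            "Effect": "Deny",
            "NotAction": MFA_BOOTSTRAP,
            "Resource": "*",
            "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "false"}},
        },
    ],
}


def mfa_deny_statements(policy: dict) -> list[tuple[str, str]]:
    """(Sid or #index, condition operator) of Deny statements keyed on MFA."""
    hits = []
    for i, st in enumerate(policy.get("Statement", [])):
        if st.get("Effect") != "Deny":
            continue
        cond = st.get("Condition", {})
        for op in ("BoolIfExists", "Bool"):
            val = cond.get(op, {}).get("aws:MultiFactorAuthPresent")
            if val is not None and str(val).lower() == "false":
                hits.append((st.get("Sid", f"#{i}"), op))
    return hits


def blocks_long_term_keys(policy: dict) -> bool:
    """Only a BoolIfExists deny covers access-key requests, where the MFA
    context key is absent rather than false."""
    return any(op == "BoolIfExists" for _, op in mfa_deny_statements(policy))


if __name__ == "__main__":
    for name, pol in (("weak", WEAK_POLICY), ("bool-only", BOOL_ONLY_POLICY), ("mfa", MFA_POLICY)):
        print(f"{name}: denies non-MFA access keys = {blocks_long_term_keys(pol)}")
    print(json.dumps(MFA_POLICY, indent=2))
```

With the hardened policy attached, a user's long-term key can do little more than call `sts:GetSessionToken` with an MFA code; the temporary credentials that call returns carry `aws:MultiFactorAuthPresent=true` and unlock the rest. A harvested access key on its own, which is what a tool like FBot collects, is then of limited use.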
SANS Institute survey surfaces State of Cybersecurity Defenses
A SANS Institute survey of 297 cybersecurity professionals found that 83% of respondents felt they had the right policies, processes and controls defined, but only about two-thirds (67%) have metrics and reports that actually substantiate that assertion. Sponsored by Expel, a security operations platform provider, the survey finds the most widely tracked metrics are security incidents (74%), vulnerability assessments (59%) and intrusion attempts (44%).
Mandiant details how its X account was hacked
Mandiant revealed that its account on the social media platform X, formerly Twitter, was hijacked as part of a cryptocurrency theft campaign that netted cybercriminals at least $900,000. The account of Mandiant, which is part of Google Cloud, was taken over in early January and used to promote a link to a fake website posing as the legitimate Phantom cryptocurrency wallet.
Ubuntu 24.04 LTS to get 12 years of updates
Canonical shared a roadmap in early December last year showing what the Desktop team was working on for Ubuntu 24.04, and the earlier Ubuntu 23.10 release is itself a strong indicator of what to expect from the upcoming LTS. Ubuntu 24.04 LTS will receive 12 years of updates, and Canonical said the same commitment would extend to some older LTS releases, without specifying which.
Subscribe for weekly security updates!