Google Law Enforcement Portal Breach

Google Confirms Security Breach in Law Enforcement Request Portal

Google has confirmed a significant security breach within its Law Enforcement Request System (LERS), orchestrated by a cybercriminal group known as “Scattered Lapsus$ Hunters.” This group, comprising members from several notorious hacking collectives, successfully created an unauthorized account within the sensitive LERS platform, although Google confirms that no actual data requests were processed and no sensitive information was compromised through this fraudulent access. The article further details the group’s previous attack patterns, which primarily exploited Salesforce platforms through social engineering and authentication token abuse, and the broader implications for the security of law enforcement data systems across the tech industry. Finally, the text introduces Technijian, an IT services provider offering various cybersecurity solutions and consulting to help organizations protect against such sophisticated threats and enhance their overall security posture.
VoidProxy

VoidProxy: The Emerging Threat Targeting Microsoft 365 and Google Workspace Users

VoidProxy is a sophisticated “phishing-as-a-service” platform that targets Microsoft 365 and Google Workspace users. This threat distinguishes itself by operating as a real-time proxy, enabling attackers to intercept not only usernames and passwords but also multi-factor authentication tokens and active session cookies. The platform uses compromised email marketing accounts, sophisticated redirection chains, and Cloudflare infrastructure to bypass traditional security measures and present convincing phishing pages. Technijian, an IT services provider, is introduced as a resource for organizations to implement robust cybersecurity defenses against such advanced threats, offering solutions like phishing-resistant authentication, risk-based access controls, and incident response.
Senator Demands FTC Investigation

Microsoft Under Fire: Senator Demands FTC Investigation Over Security Failures

A U.S. senator has formally requested an FTC investigation into Microsoft’s cybersecurity practices, citing “gross cybersecurity negligence.” This negligence is linked to ransomware attacks on critical infrastructure, specifically the Ascension Health breach, in which 5.6 million patient records were compromised through the exploitation of weak RC4 encryption in Microsoft’s Kerberos authentication system. The article highlights Microsoft’s continued use of the outdated RC4 algorithm despite its known vulnerabilities, with the company defending its presence for backward compatibility while stating its intent to gradually phase it out. Finally, the article also features a cybersecurity firm, Technijian, offering services to mitigate such vulnerabilities and strengthen organizational security, emphasizing proactive measures and expert guidance to protect against advanced threats like Kerberoasting.
Multi-Billion Packet DDoS Attacks targeting global networks

When Defense Becomes the Target: The Alarming Rise of Multi-Billion Packet DDoS Attacks

This article discusses the escalating threat of sophisticated Distributed Denial-of-Service (DDoS) attacks, highlighting a major incident in which a European mitigation service was targeted by a 1.5 billion packet-per-second assault. These attacks exploit everyday consumer devices such as IoT devices and routers, turning them into weapons in a global digital army. The article emphasizes the increasing sophistication of cybercriminals, the weaponization of consumer technology, and the alarming trend of even cybersecurity defenders becoming targets, and it urges better device security, ISP-level filtering, and industry collaboration. Additionally, a section from Technijian outlines its role as a managed IT services provider, offering solutions like network security assessments, device hardening, and incident response planning to help businesses protect themselves against such cyber threats.
Docker API Security

Docker API Security Under Siege: How Cybercriminals Exploit Exposed APIs Through Tor Networks

This article examines critical security threats to Docker APIs, highlighting how cybercriminals exploit exposed ports, often using the Tor network for anonymity. It explains the evolution of these attacks, from simple cryptocurrency mining to the development of sophisticated botnet infrastructure with advanced payload delivery and persistence mechanisms. The article also addresses detection and monitoring challenges for these containerized threats, offering comprehensive prevention and mitigation strategies such as API hardening, network segmentation, and incident response planning. Finally, the text introduces Technijian, an IT services provider that offers solutions for strengthening Docker security postures, including assessments, incident response, and continuous monitoring.