
AWS Continuum, Apple Beats, and the CrowdStrike-Delta Fallout

AWS has introduced Continuum, an automated security framework shifting from passive telemetry to a "reasoning-and-action" model designed for machine-speed vulnerability remediation. Simultaneously, Apple patched a critical firmware vulnerability in Beats Studio Buds that enabled remote audio surveillance, effectively turning devices into wiretaps. Finally, the U.S. Department of Transportation closed its probe into Delta Air Lines following the CrowdStrike content update outage, though the airline remains embroiled in class-action litigation regarding refund policies. These events highlight a critical pivot toward autonomous defense and the enduring legal risks associated with systemic operational failures.

HazyBeacon Malware Exploits AWS and WordPress for Stealthy C2

A state-sponsored APT has deployed HazyBeacon, a sophisticated Windows backdoor, targeting high-value corporate environments through WordPress exploitation. The campaign leverages a "living-off-the-cloud" strategy, utilizing Amazon Web Services (AWS) Lambda functions to host serverless Command and Control (C2) infrastructure. By mimicking legitimate AWS API traffic and employing Steam Community profiles as secondary covert communication and data staging channels, the threat actor bypasses traditional network security perimeters, DNS filtering, and IP reputation-based detection. This architecture ensures long-term persistence and enables undetected data exfiltration within enterprise networks by masking malicious traffic within high-reputation cloud service streams.

