Handala Claims Hack of Israeli PM Netanyahu's Chief of Staff Tzahi Braverman While Coupang Insider Throws Laptop Weighted with Bricks into River and Volunteer MSSP Launches for Rural Water Utilities
Solid rundown of the threat landscape dynamics right now. The MongoDB zero-day timing right before holidays is a classic attacker window, and the fact that the LastPass 2022 breach is still generating credential stuffing attacks shows how vault hygiene never expires. What caught my eye was the Evasive Panda DNS tunneling using TXT records because most orgs I've worked with don't monitor DNS query entropy at all, let alone block high-entropy TXT patterns.