Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector. The DanaBot infections led to “hands-on-keyboard activity by ransomware operator Storm-0216 (Twisted Spider, UNC2198), culminating in the…
Category: EN
LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks
The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly, “can be used by…
Understanding the New SEC Rules for Disclosing Cybersecurity Incidents
The U.S. Securities and Exchange Commission (SEC) recently announced its new rules for public companies regarding cybersecurity risk management, strategy, governance, and incident exposure. Some requirements apply to this year—for example, disclosures for fiscal years ending December 15, 2023, or…
Google Introduces RETVec: Gmail’s New Defense to Identify Spams
Google has recently introduced a new multilingual text vectorizer called RETVec (an acronym for Resilient and Efficient Text Vectorizer), to aid identification of potentially malicious content like spam and fraudulent emails in Gmail. While massive platforms like YouTube and Gmail…
Researchers: ‘Black Basta’ Group Rakes in Over $100 Million
A cyber extortion group believed to be an offshoot of the infamous Russian Conti hacker organization has reportedly amassed over $100 million since its emergence last year, according to a report published on Wednesday by digital currency tracking service…
Okta: October Data Breach Impacts All User Across Customer Support Systems
The latest investigation Okta’s recent investigation into the exploit of its Help Center environment in October disclosed that the threat actors stole the data that belonged to all customer support system users. Okta mentioned that the hackers also stole extra…
Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns
The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own cloud vulnerabilities in their catalog. As the national coordinator for critical infrastructure security and resilience, CISA oversees government cybersecurity operations. Document Protect Your Storage With SafeGuard…
You should probably update your Google Chrome browser this weekend
2023 has been a banner year for zero-day exploits in Chrome, and Google has patched its 6th one, calling it an “emergency.” This article has been indexed from Latest stories for ZDNET in Security Read the original article: You should…
ChatGPT Spit Out Sensitive Data When Told to Repeat ‘Poem’ Forever
Plus: A major ransomware crackdown, the arrest of Ukraine’s cybersecurity chief, and a hack-for-hire entrepreneur charged with attempted murder. This article has been indexed from Security Latest Read the original article: ChatGPT Spit Out Sensitive Data When Told to Repeat…
Europol Dismantles Ukrainian Ransomware Gang
A well-known ransomware organization operating in Ukraine has been successfully taken down by an international team under the direction of Europol, marking a major win against cybercrime. In this operation, the criminal group behind several high-profile attacks was the target…
Amazon Introduces Q, a Business Chatbot Powered by Generative AI
Amazon has finally identified a solution to counter ChatGPT. Earlier this week, the technology giant announced the launch of Q, a business chatbot powered by generative artificial intelligence. The announcement, made in Las Vegas at the company’s annual conference…
China continues Pig-Butchering Crack-down
One of my techniques for keeping current on Cybercrime trends is having an “interesting” collection of international news ticklers. This story came to me via X:CyberScamMonitor via a QQ account called “onCambodia.” @CyberScamMonitor is a Twitter/X account and Substack account…
Next-Level AI: Unbelievable Precision in Replicating Doctors’ Notes Leaves Experts in Awe
In an in-depth study, scientists found that a new artificial intelligence (AI) computer program can generate doctors’ notes with such precision that two physicians could not tell the difference. This indicates AI may soon provide healthcare workers with groundbreaking…
Scores of US credit unions offline after ransomware infects backend cloud outfit
Supply chain attacks: The gift that keeps on giving A ransomware infection at a cloud IT provider has disrupted services for 60 or so credit unions across the US, all of which were relying on the attacked vendor. … This article…
How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises
Amidst surging fake account creation and messaging charges from SMS toll fraud, two industry giants chose Kasada to protect their customers and profit margins. The post How Kasada Counters Toll Fraud and Fake Account Creation for Enterprises appeared first on…
Fortune-telling website WeMystic exposes 13M+ user records
WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms’ users. Telling the future is a tricky business, and failure to foretell your own mishaps doesn’t help. The…
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Organizations in the Middle East, Africa, and the U.S. have been targeted by an unknown threat actor to distribute a new backdoor called Agent Racoon. “This malware family is written using the .NET framework and leverages the domain name service (DNS)…
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to…
What Is Distributed Cloud and Why Should You Care?
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Blog Read the original article: What Is Distributed Cloud and Why Should You Care?
IT Modernization Efforts Need to Prioritize Cybersecurity
By Mark Marron, CEO and President, ePlus, Inc. Organizations are increasingly advancing their digital transformation efforts to deliver internal efficiencies, reduce costs, and improve customer experiences. As a side-effect of […] The post IT Modernization Efforts Need to Prioritize Cybersecurity…