Microsoft disables MSIX protocol handler abused in malware attacks
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.
This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy
Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.
Operation Triangulation: The last (hardware) mystery
Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.
GTA 5 source code reportedly leaked online a year after Rockstar hack
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar Games and stole corporate data.
Ubisoft says it's investigating reports of a new security breach
Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online. Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora. Ubisoft told BleepingComputer that they are investigating an alleged data security incident after security research collective VX-Underground shared screenshots of what appears to be the company's internal services.
Personal Information Exploit on OpenAI’s ChatGPT Raises Privacy Concerns
Last month, I received an alarming email from someone I did not know: Rui Zhu, a Ph.D. candidate at Indiana University Bloomington. Mr. Zhu had my email address, he explained, because GPT-3.5 Turbo, one of the latest and most robust large language models (L.L.M.) from OpenAI, had delivered it to him.
Google is apparently struggling to contain a spam attack that's been ongoing for days
Google’s search results have been hit by a spam attack for the past few days in what can only be described as completely out of control. Many domains are ranking for hundreds of thousands of keywords each, an indication that the scale of this attack could easily reach into the millions of keyword phrases.
Crypto drainer steals $59 million from 63k people in Twitter ad push
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied.
BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates
Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...
Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa
MuddyC2Go framework and custom keylogger used in attack campaign. Iranian espionage group Seedworm (aka Muddywater) has been targeting organizations operating in the telecommunications sector in Egypt, Sudan, and Tanzania. Seedworm has been active since at least 2017, and has targeted organizations in many countries, though it is most strongly associated with attacks on organizations in the Middle East. It has been publicly stated that Seedworm is a cyberespionage group that is believed to be a subordinate part of Iran’s Ministry of Intelligence and Security (MOIS).
Healthcare software provider data breach impacts 2.7 million
ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack.
Qakbot's Back, But Don't Y'all Panic: A Southern Tech Talk
Qakbot, a versatile malware threat, returned after a takedown in August. The new campaign targets the hospitality industry with IRS-themed phishing emails containing malicious PDFs. Microsoft identified the attack, offering two IP addresses for blocking and a way to detect the malware's digital signature.
Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to break SSH channel integrity when certain widely used encryption modes are in use.
Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant | United States Department of Justice
The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world since its inception, including networks that support U.S. critical infrastructure.