Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies
Cloud Atlas spear-phishing attacks hit an agro-industrial enterprise and a state-owned research company.
Russian military hackers target Ukraine with new MASEPIE malware
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.
Ukraine war: What's the impact of cyber guerrillas?
In response to Russia's invasion, Ukraine called for support from volunteers operating in cyberspace. Since then, hackers have helped Kyiv's war effort. But this new phenomenon also draws criticism.
Things are about to get a lot worse for Generative AI
A full of spectrum of infringment The cat is out of the bag: Generative AI systems like DALL-E and ChatGPT have been trained on copyrighted materials; OpenAI, despite its name, has not been transparent about what it has been trained on. Generative AI systems are fully capable of producing materials that infringe on copyright. They do not inform users when they do so. They do not provide any information about the provenance of any of the images they produce. Users may not know when they produce any given image whether they are infringing.
Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
Chinese threat actors exploited a new zero-day vulnerability in Barracuda's Email Security Gateway (ESG) appliances.
‘Wall of Flippers’ detects Flipper Zero Bluetooth spam attacks
A new Python project called 'Wall of Flippers' detects Bluetooth spam attacks launched by Flipper Zero and Android devices.
Hackers stole $2 billion in crypto in 2023, data shows
Data shows hackers stole around $2 billion in crypto this year, according to data analyzed by blockchain security firms.
Amnesty confirms Apple warning: Indian journalists’ iPhones infected with Pegasus spyware
Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful Behind closed doors, senior officials from Modi's administration demanded that Apple soften the political impact of the state-sponsored warnings, according to Washington Post.
Lockbit ransomware disrupts emergency care at German hospitals
German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network.
Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data
Even as the New Year approached and the world celebrated the festive Christmas season, the cybercriminal community did not pause their activities. Instead, they marked the holiday season in their unique way. On Christmas Eve, Resecurity observed multiple actors on the Dark Web releasing substantial data dumps. These were the result of data breaches and network intrusions to a variety of companies and government agencies. Numerous leaks disseminated in the underground cyber world were tagged with 'Free Leaksmas,' indicating that these significant leaks were shared freely among various cybercriminals as a form of mutual gratitude.
Lockbit ransomware attack interrupted medical emergencies gang at a German hospital network
A Lockbit ransomware attack against German hospital network Katholische Hospitalvereinigung Ostwestfalen caused service disruptions.
Microsoft disables MSIX protocol handler abused in malware attacks
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.
Les données médicales toujours plus vulnérables face aux cyberattaques
En Suisse et partout ailleurs dans le monde, les hôpitaux se retrouvent fréquemment dans la ligne de mire des cybercriminels, exposant nos données médicales à des risques considérables. Dans une ère où la numérisation de la santé est en plein essor, la protection des informations sensibles apparaît comme un défi majeur.
Les arnaques aux QR codes se multiplient depuis quelques mois
Les QR codes sont devenus d'incontournables moyens de paiement en Suisse. Très pratiques, ils sont néanmoins faillibles et les arnaques fleurissent, en particulier en matière de parkings. La prudence est de mise.
This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy
Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.
Operation Triangulation: The last (hardware) mystery
Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.
The Times Sues OpenAI and Microsoft Over A.I. Use of Copyrighted Work
Millions of articles from The New York Times were used to train chatbots that now compete with it, the lawsuit said.
The Disturbing Impact of the Cyberattack at the British Library
The library has been incapacitated since October, and the effects have spread beyond researchers and book lovers.
GTA 5 source code reportedly leaked online a year after RockStar hack
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data.
Ubisoft says it's investigating reports of a new security breach
Ubisoft is investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online. Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora. Ubisoft told BleepingComputer that they are investigating an alleged data security incident after security research collective VX-Underground shared screenshots of what appears to be the company's internal services.
Personal Information Exploit on OpenAI’s ChatGPT Raise Privacy Concerns
Last month, I received an alarming email from someone I did not know: Rui Zhu, a Ph.D. candidate at Indiana University Bloomington. Mr. Zhu had my email address, he explained, because GPT-3.5 Turbo, one of the latest and most robust large language models (L.L.M.) from OpenAI, had delivered it to him.
Cyberattaque contre l’Iran : qui sont ces mystérieux hackers qui perturbent le pays ?
Une cyberattaque d’ampleur a paralysé des dizaines de milliers de stations services en Iran. Derrière l’attaque, de nombreuses hypothèses circulent sur l’origine de ces pirates.
Google Search Overwhelmed By Massive Spam Attack
Google is apparently struggling to contain a spam attack that's been ongoing for days. Google’s search results have been hit by a spam attack for the past few days in what can only be described as completely out of control. Many domains are ranking for hundreds of thousands of keywords each, an indication that the scale of this attack could easily reach into the millions of keyword phrases.
Crypto drainer steals $59 million from 63k people in Twitter ad push
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.
The ticking time bomb of Microsoft Exchange Server 2013
I monitor (in an amateur, clueless way) ransomware groups in my spare time, to see what intelligence can be gained from looking at victim orgs and what went wrong. Basically, I’m a giant big dork with too much free time. I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied.
Inmate, Staff Information Stolen in Rhode Island Prison Data Breach
he Donald W. Wyatt Detention Facility says the data of 2,000 inmates, staff, and vendors was stolen in a cyberattack.
Android Banking Trojan Chameleon can now bypass any Biometric Authentication
ThreatFabric discovers a new variant of the Chameleon banking trojan distributed via Zombinder with features to bypass any biometric authentication.
BattleRoyal, DarkGate Cluster Spreads via Email and Fake Browser Updates
Overview Throughout the summer and fall of 2023, DarkGate entered the ring competing for the top spot in the remote access trojan (RAT) and loader category. It was observed in use by multiple cybe...
German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation
German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.
Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla