Microsoft Refused to Fix Flaw Years Before SolarWinds Hack
Former employee says software giant dismissed his warnings about a critical flaw because it feared losing government business. Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.
Black Basta ransomware gang linked to Windows zero-day attacks
The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.
entagon ran secret anti-vax campaign to undermine China during pandemic
The U.S. military launched a clandestine program amid the COVID crisis to discredit China’s Sinovac inoculation – payback for Beijing’s efforts to blame Washington for the pandemic. One target: the Filipino public. Health experts say the gambit was indefensible and put innocent lives at risk.
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F25490736%2F240129_D_IM742_1116.JPG?width=92&height=&ar=&mode=&format=avif&dpr=2)
Breaking: Meta halts AI rollout in Europe after ‘request’ from Irish data protection authorities
Facebook and Instagram's parent company Meta is pausing its plans to roll our artificial intelligence tools in Europe, following a request from Ireland's Data Protection Commission (DPC), the firm said in a Friday (14 June) blogpost.
Major takedown of critical online infrastructure to disrupt terrorist communications and propaganda | Europol
The servers supported multiple media outlets linked to Islamic State. They were used to disseminate worldwide propaganda and messages capable of inciting terrorism in at least thirty languages. Eurojust and Europol coordinated and supported the joint operations.This week’s joint operations are part of ongoing efforts and constant vigilance to tackle online terrorist propaganda and communications, including through social media. They...
Here’s what to know about Adobe’s Terms of Use updates
We recently rolled out a re-acceptance of our Terms of Use which has led to concerns about what these terms are and what they mean to our customers. This has caused us to reflect on the language we use in our Terms, and the opportunity we have to be clearer and address the concerns raised by the community. Over the next few days, we will speak to our customers with a plan to roll out updated changes by June 18, 2024.
Ukrainian cyber specialists attack Russian airports, several flights delayed - source
Specialists with the Ukrainian Defense Ministry's Main Intelligence Directorate (HUR) carried out a cyberattack on the websites of Russian government agencies and Russian airports on "Russia Day," with a number of flights being delayed. — Ukrinform.
Evolution of KILLNET from Hacktivism to Private Hackers Company and the Role of Sub-groups
Recently KILLNET creator; ‘KillMilk’, announced that they were building a global team of operators from the darknet and special services members, with financially motivated destructive capabilities. Their operation went full circle from offering services to hackers and competing businessmen, to taking orders from private and state persons, along with defending the interests of the Russian Federation. This report focuses on analyzing KILLNET, Subgroups, capabilities, and recent development in the group’s motive.
Apple Patches Vision Pro Vulnerability Used in Possibly ‘First Ever Spatial Computing Hack’
Apple on Monday updated visionOS, the operating system powering its Vision Pro virtual reality headset, to version 1.2, which addresses several vulnerabilities, including what may be the first security flaw that is specific to this product. visionOS 1.2 patches nearly two dozen vulnerabilities. However, a vast majority of them are in components that visionOS shares with other Apple products, such as iOS, macOS and tvOS.
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment – The DFIR Report
Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…
