Infosecurity News
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
AI-powered tools are among the top fraud techniques used by threat actors in 2023, according to Sumsub’s third annual Identity Fraud Report
SecurityWeek
Police Dismantle Major Ukrainian Ransomware Operation
Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested its alleged ringleader.
SecurityWeek
Exploitation of Critical ownCloud Vulnerability Begins
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
-1.webp)
Cyber Security News
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
SecurityWeek
Critical Vulnerability Found in Ray AI Framework
A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes.
SecurityWeek
Los Angeles SIM Swapper Sentenced to 8 Years in Prison
Amir Golshan of Los Angeles was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes.
SecurityWeek
Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets
AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.
Ars Technica
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
Chipmaker claims breach had no "material adverse effect."
The Hacker News
Transform Your Data Security Posture – Learn from SoFi's DSPM Success
This webinar showcases SoFi's success in implementing DSPM and promises real-life case studies and practical strategies for data security.
The Hacker News
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Researchers reveal a critical design flaw in Google Workspace, dubbed "DeleFriend," that could allow attackers to steal emails, exfiltrate data.
Security Affairs
Daixin Team group claimed the hack of North Texas Municipal Water District
The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
Infosecurity News
Cybercriminals Hesitant About Using Generative AI
An analysis of dark web forums revealed many threat actors are skeptical about using tools like ChatGPT to launch attacks
The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
Cyber Security News
Ardent Health Ransomware Attack: Multiple Hospitals Affected
Ardent Health services were affected by an information Technology cybersecurity incident which has been determined as a Ransomware Attack.
Infosecurity News
Americans Receive Two Billion Spam Calls Per Month
Truecaller warns malicious calls make up the majority
The Hacker News
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine
A coordinated effort led to the arrest of key figures in Ukraine linked to various ransomware attacks, involving LockerGoga, MegaCortex, and Dharma.
The Hacker News
Stop Identity Attacks: Discover the Key to Early Threat Detection
Account takeover: the new favorite tool for hackers. Discover the latest strategies in identity protection and why traditional methods might not be en
The Hacker News
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Infosecurity News
CISA Warns Congress on Chemical Industry Terror Attacks
Security agency wants to resume critical CFATS inspections
SecurityWeek
Ardent Hospitals Diverting Patients Following Ransomware Attack
Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations.
Infosecurity News
Ukraine Police Dismantle Major Ransomware Group
Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Bleeping Computer
Police dismantle ransomware group behind attacks in 71 countries
In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries.
Security Affairs
Healthcare provider Ardent Health Services disclosed a ransomware attack
The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week.
Cyber Security News
OwnCloud Critical Vulnerability Exploited in the Wild
Owncloud was discovered with a new vulnerability which was associated with the exposure of sensitive information.
Cyber Security News
CISA & NCSC Discloses Guidelines for Secure AI System Development
New security flaws in AI systems must be taken into account in addition to the usual cyber security risks,security is frequently neglected.
CSO
North Korean hackers mix code from proven malware campaigns to avoid detection
Threat actors are combining RustBucket loader with KandyKorn payload to effect an evasive and persistent RAT attack.
The Hacker News
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
Lazarus Group's evolving cyber tactics target macOS systems by combining elements from multiple malware campaigns for better effectiveness and to avoi
Jule-Nisserne
Julenisserne Overvåger Brun Bjørn
Julenisserne har i flere år overvåget aktiviteterne af hackergruppen Brun Bjørn for at sikre, at de ikke forstyrrer julen.
The Record
High-profile ransomware gang suspects arrested in Ukraine
The international operation, centered on Kyiv, essentially neutralized a group known for deploying variants of LockerGoga, MegaCortex, Hive and Dharma ransomware, authorities said.
The Record
English council spent £1.1 million recovering from ransomware attack
Gloucester's local government released the expense figures related to a 2021 attack. The council had received a formal reprimand from the Information Commissioner's Office in August.
Bleeping Computer
Microsoft deprecates Defender Application Guard for Office
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
DarkReading
General Electric, DARPA Hack Claims Raise National Security Concerns
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
Ars Technica
New “Stable Video Diffusion” AI model can animate any still image
Given GPU and patience, SVD can turn any image into a 2-second video clip.
Bleeping Computer
Ransomware attack on indie game maker wiped all player accounts
A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game.
Bleeping Computer
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.
Ars Technica
Amazon’s $195 thin clients are repurposed Fire TV Cubes
Amazon Workspaces Thin Client is a Fire TV Cube with different software.
Latest Hacking News
Multiple Vulnerabilities Found In ownCloud File Sharing App
Numerous security vulnerabilities riddled the privacy of ownCloud users that the vendor patched recently. Exploiting these vulnerabilities could expose users’ passwords to potential adversaries. ownCloud Vulnerabilities Risked User Accounts According to the recent advisories, ownCloud addressed three
Security Affairs
Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia
Ukraine's intelligence service announced the hack of the Russian Federal Air Transport Agency, 'Rosaviatsia.'
Bleeping Computer
Ukraine says it hacked Russian aviation agency, leaks data
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector.
The Hacker News
How to Handle Retail SaaS Security on Cyber Monday
Cyber Monday Alert: $13.7 billion in spending today! Retailers, safeguard your SaaS apps to protect customer data.
Bleeping Computer
Ardent hospital ERs disrupted in 6 states after ransomware attack
Ardent Health Services, a healthcare provider operating 30 hospitals across five U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday.
Infosecurity News
Cybersecurity Incident Hits Fidelity National Financial
The Alphv/BlackCat ransomware group has claimed responsibility for the attack
Latest Hacking News
Microsoft Defender Lures Researchers With Bug Bounty Program
The Redmond giant has introduced a dedicated bug bounty program for its Microsoft Defender security solution. Under this program, the tech giant aims to pay up to $20,000 as bounties to the security researchers and
Infosecurity News
SysJoker Malware: Hamas-Related Threat Expands With Rust Variant
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Bleeping Computer
Slovenia's largest power provider HSE hit by ransomware attack
Slovenian power company Holding Slovenske Elektrarne (HSE) has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production.
SecurityWeek
Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
Security Affairs
Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania
Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station
Latest Hacking News
Konni RAT Malware Campaign Spreads Via Malicious Word Files
Researchers caught a new campaign from the notorious Konni RAT malware exploiting malicious Word files. The threat actors distribute the malware via malicious macros embedded in Word files that infect the target systems. Konni RAT Malware
Bleeping Computer
Leveraging Wazuh to combat insider threats
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
Bleeping Computer
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
SecurityWeek
Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption
Healthcare solutions giant Henry Schein is once again restoring systems after ransomware group claims it re-encrypted files.
Cyber Security News
Kansas Court Hack: Attackers Stole Sensitive Data From Systems
Kanas Supreme Court released the statement for the cyber incident that stole sensitive data from systems,the cybercriminals also stole data.
Cyber Security News
Broadcom Acquires VMware in a $61 Billion Deal
Broadcom has announced the triumphant acquisition of VMware, heralding a watershed moment in the sphere of infrastructure technology.
The Hacker News
Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections
The study highlights a vulnerability in SSH servers that allows passive attackers to obtain private RSA host keys.
SecurityWeek
US, UK Cybersecurity Agencies Publish AI Development Guidance
New guidance from US and UK cybersecurity agencies provides recommendations for secure AI system development.
SecurityWeek
Hacktivism: What’s in a Name… It May be More Than You Expect
Hacktivists should be treated as malicious hackers because the distance between hacking/activism, malevolence, and damage is too small and too vague.
-1.webp)
Cyber Security News
Researcher Discloses OpenCart Vulnerability; Company Reacts Aggressively
A security researcher who goes under the name “0xbro” discovered a Static code injection vulnerability in OpenCart.
SecurityWeek
Fidelity National Financial Takes Down Systems Following Cyberattack
Fidelity National Financial is experiencing service disruptions after systems were taken down to contain a cyberattack.
SecurityWeek
UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws
UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks.
Latest Hacking News
New Alerts Issued For CitrixBleed Flaw Following Active Exploits
Given the continuous rise in active exploitation of the now-known CitrixBleed flaw, governments issued new alerts to patch unpatched Netscaler systems. The recent alerts originate from the Government of Australia and the United States, alongside
SecurityWeek
Hackers Hijack Industrial Control System at US Water Utility
Municipal Water Authority of Aliquippa confirms that hackers took control of a booster station, but says no risk to water supply.
CyberScoop
Shadowy hacking group targeting Israel shows outsized capabilities
A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.
Infosecurity News
KyberSwap Says Hackers Stole $55m in Crypto
Decentralized exchange offers $5m bounty
Infosecurity News
General Electric Investigates Alleged DARPA Breach
IntelBroker claims to be selling sensitive military data
Infosecurity News
UK Publishes First Guidelines on Safe AI Development
NCSC and CISA effort endorsed by 18 countries
CyberNews
Robeson Health Care admits data breach
A healthcare provider in the US has disclosed a data breach that may have exposed the sensitive data of tens of thousands.
-1.webp)
Cyber Security News
New GPS Attacks Targeting Commercial Flights Navigation Systems
A disquieting wave of GPS spoofing attacks has swept through the Middle East, leaving commercial air crews grappling with an unforeseen menace.
CSO
GE investigates alleged data breach into confidential projects: Report
General Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker.
-1.webp)
Cyber Security News
SysJoker Malware Attacking Windows, Linux and Mac Users Abusing OneDrive
SysJoker malware, a multi-platform backdoor with several variants for Windows, Linux, and Mac, has been observed being used by a Hamas-affiliated APT to target Israel. This malware was first identified by Intezer in 2021 and was recently used in targeted attacks. Checkpoint researchers disclosed the malware’s growth, variations in the intricacy of its execution flow, and […]
The Hacker News
U.S., U.K., and Global Partners Release Secure AI System Development Guidelines
U.K., U.S., and 16 other international partners have released new guidelines for the development of secure artificial intelligence (AI) systems.
Security Affairs
The hack of MSP provider CTS potentially impacted hundreds of UK law firms
The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom.
-1.webp)
Cyber Security News
Loader Malware Steal Sensitive System Data & Installs Other Malware
Loader malware emerges as a silent force, discreetly breaching unsuspecting systems and setting the stage for more sophisticated onslaughts.
.webp)
Cyber Security News
IBM QRadar SIEM Bug Let Remote Attacker Trigger DoS
Multiple vulnerabilities have been found in IBM QRadar Wincollect which were associated with Denial of service that could allow a threat.
CyberSecurity Dive
The top cybersecurity events and conferences in 2024, according to security pros
Which security conferences are teams prioritizing in 2024? A new report reveals the 7 most popular events in the cybersecurity calendar.
SecurityWeek
Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons
The U.S. military is increasing use of artificial intelligence (AI) technology that will fundamentally alter the nature of war.
Jule-Nisserne
Sandheden bag EucalyptusNet Afsløret: Et Værktøj for Julemagi
Ny indsigt i EucalyptusNet afslører dets sande formål som et kommunikationsværktøj for at bevare julehemmeligheder og spillede en nøglerolle i at afværge et angreb på julenisserne i 2023.
The Record
Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group
A water authority in Pennsylvania reportedly suffered a cyberattack, prompting officials to reassure people in the area that drinking water has not been affected by the incident.
The Record
Multiple hospitals divert ambulances after ransomware attack on parent company
Ardent Health Services confirmed that it was responding to an incident. Hospitals in Texas, Idaho, Oklahoma, New Mexico and New Jersey reported problems over several days.
Trend Micro
Cloud Security Predictions at AWS re:Invent 2023
Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response (CDR) and what’s trending in cloud security.
The Record
Notorious ransomware gang takes credit for cyberattack on Fidelity National Financial
The AlphV/Black Cat group claimed it breached Fidelity National Financial, a Fortune 500 provider of title insurance for property sales.
The Record
KyberSwap says $54.7 million of user cryptocurrency stolen during attack
The cryptocurrency platform KyberSwap said on Friday that around $54 million worth of cryptocurrency was stolen during a cyberattack announced earlier in the week.
The Record
Tao Thomsen and the effort to back up what makes Ukraine uniquely Ukrainian
Since the beginning of Russia’s invasion of Ukraine, government officials, independent media organizations, and nonprofits have accused Russia of deliberately targeting churches and libraries and looting its most important museums.
The Record
AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn
British and U.S. cybersecurity authorities published guidance on Monday about how to develop artificial intelligence systems in a way that will minimize the risks they face from mischief-makers through to state-sponsored hackers.
The Record
Ukraine claims cyber operation against Russian aviation agency
Ukraine's defense intelligence directorate reported that it had completed a “complex special operation in cyberspace” against Rosaviatsia, which oversees Russian civil aviation.
The Record
Second top Ukrainian cyber official arrested amid corruption probe
Viktor Zhora, the ex-deputy head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP), is accused of facilitating a corruption scheme involving the procurement of software.
The Record
Suspected Hamas-linked hackers target Israel with new version of SysJoker malware
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
Bleeping Computer
New Rust-based SysJoker backdoor linked to Hamas hackers
A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data.
Security Affairs
Rhysida ransomware gang claimed China Energy hack
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
Security Affairs
Lazarus is using a MagicLine4NX zero-day in supply chain attack
UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in a supply-chain attack.
Bleeping Computer
Atomic Stealer malware strikes macOS via fake browser updates
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware.
Cyber Security News
PolarDNS - A Free DNS Server For Vulnerability Research & Pentesting
Oryxlabs recently launched a free DNS server that is written in Python 3.x for vulnerability research and pentesting, dubbed as "PolarDNS."
-1.webp)
Cyber Security News
Hackers Using Malicious Browser Extensions to Steal Facebook Business Accounts
Ducktail is a specifically designed information stealer that can have severe consequences, such as privacy breaches and identity theft.
The Hacker News
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
The Hacker News
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
ownCloud, an open-source file-sharing software, has disclosed 3 critical vulnerabilities.
Security Affairs
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
Security Affairs
App used by hundreds of schools leaking children's data
Almost a million files with minors' data, including home addresses and photos were left open to anyone on the internet.
Security Affairs
Microsoft launched its new Microsoft Defender Bounty Program
Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products.
Bleeping Computer
Critical bug in ownCloud file sharing app exposes admin passwords
Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials.
Bleeping Computer
UK and South Korea: Hackers use zero-day in supply-chain attack
A joint advisory by the National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLineThe National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking grou
Bleeping Computer
Cyberattack on IT provider CTS impacts dozens of UK law firms
A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday.
The Hacker News
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
Beware of Telekopye: The malicious Telegram bot used by the "Neanderthals" for large-scale phishing scams. It crafts phishing websites and emails.
Security Affairs
Exposed Kubernetes secrets can fuel supply chain attacks
Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations.
SecurityWeek
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
Infosecurity News
Cyber-Attack Disrupts UK Property Deals
A legal sector specialist infrastructure service provider has experienced a service outage that is impacting up to 200 conveyancing firms across the UK
CyberNews
Spotify’s new royalties scheme angers indie musicians
Tech has waded into another feud with artists – and for once, it’s not related to the use of AI. Musicians aren’t happy with Spotify’s new royalty scheme.
SecurityWeek
In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
CyberNews
Apple sends experts to India after hacker threat warning
Tech giant to send team after local politicians received warnings on their iPhones that they’re being targeted by hackers.
The Hacker News
Tell Me Your Secrets Without Telling Me Your Secrets
GitGuardian launches "HasMySecretLeaked" service to help developers check if their sensitive information has been exposed on GitHub.
CyberNews
Pro-Russian disinfo campaign using Israel-Hamas war to stir chaos
A disinformation campaign, run or backed by Russia, has been using the Israel-Hamas war to try to create tensions elsewhere in the world.
The Hacker News
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict
Infosecurity News
Windows Hello Fingerprint Tech is Hacked
Blackwing researchers bypass the authentication system
Infosecurity News
Black Friday: Phishing Emails Soar 237%
Global brands impersonated to capitalize on busy shopping period
Infosecurity News
CISA Launches Project to Assess Effectiveness of Security Controls
Relaunched working group aims to tackle scourge of ransomware
Security Affairs
North Korea-linked Konni APT uses Russian-language documents
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware .............
Cyber Security News
APT Groups Using HrServ Web Shell to Hack Windows Systems
A HrServ web shell is a malicious script or program that enables remote administration of a server, allowing unauthorized access and control.
The Hacker News
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets, posing a risk of supply chain attacks.
The Record
EU lawmakers criticize lack of action to tackle spyware abuses
The European Parliament adopted a resolution on Thursday criticizing the bloc’s executive for failing to bring forward any laws that would address spyware abuses.
The Record
Vanderbilt University Medical Center investigating cybersecurity incident
Vanderbilt University Medical Center said it is investigating a cybersecurity incident that led to the compromise of a database.
The Record
Canada’s privacy watchdog investigating hack affecting military and RCMP personnel
Two contractors that provide relocation services for personnel informed the Canadian government of the breach in October.
The Record
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
A decade after its founding, the internet freedom organization Roskomsvoboda finds itself adjusting to harsh political and social realities within Russia, where a wartime regime continues to expand its authority over the internet.
The Record
Sacked Ukrainian cyber chief released on bail amid corruption probe
Ukraine's former cybersecurity chief was released from detention on Friday on $700,000 bail, according to Ukraine’s anti-corruption non-profit.
The Record
North Korean supply chain attacks prompt joint warning from Seoul and London
The alert came as the two governments announced a new strategic cyber partnership “to disrupt and deter DPRK malicious cyber capabilities and activities that contribute to its WMD programs.”
The Record
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS
The managed service provider CTS confirmed it had experienced a "cyber-incident." At least one report said the CitrixBleed bug was involved.
Security Affairs
ClearFake campaign spreads macOS AMOS information stealer
Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of ClearFake campaign.
Infosecurity News
InfectedSlurs Botnet Resurrects Mirai With Zero-Days
The investigation conducted by Akamai in late October 2023 revealed a specific HTTP exploit path
Infosecurity News
Rug Pull Schemes: Crypto Investor Losses Near $1M
New scam identified by Check Point Threat Intelligence Blockchain system
Security Affairs
Welltok data breach impacted 8.5 million patients in the U.S.
Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.
The Hacker News
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Threat actor Konni, potentially tied to North Korea, deploys RAT in cyber espionage using Russian Word doc, exploiting WinRAR flaw.
CyberNews
MadCat ransom gang caught stealing from other criminals
New ransomware linked by security researchers to suspected scammers who pretended to sell passport details on the dark web.
CyberNews
Big Brothers Big Sisters of America targeted by cybercriminals
Cybercriminals have attacked the non-profit Big Brothers Big Sisters of America (BBBSA) stealing private user data from the organization's network.
Bleeping Computer
Black Friday 2023: Get 25% off the Zero2Automated malware analysis course
The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses.
CyberNews
X bringing headlines back to news links
X owner Elon Musk has had a change of heart about the platform’s new headline policy after his own recent post didn’t make sense.
Cyber Security News
ClearFake a New Malware Attacking Mac users via fake browser updates
Atomic Stealer delivered a fake browser update chain tracked as ‘ClearFake’ to attack Mac users. Reported by Malwarebytes.
The Hacker News
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
New Malware Alert: WailingCrab, a sophisticated loader, is spreading via shipping-themed email messages.
Infosecurity News
North Korean Supply Chain Threat is Booming, UK and South Korea Warn
The UK’s NCSC and South Korea’s NIS issued a joint advisory describing some of North Korean hackers’ tactics in deploying supply chain attacks
Cyber Security News
Hackers using Weaponized Office Document to Exploit Windows Search RCE
A new attack chain campaign has been discovered which involves the exploitation of CVE-2023-36884 and CVE-2023-36584. CVE-2023-36884.
Security Affairs
North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack.
Infosecurity News
University of Manchester CISO Speaks Out on Summer Cyber-Attack
University of Manchester CISO Heather Lowrie shared how the institution tackled a major data breach earlier in 2023
Cyber Security News
Firefox 120 Released With Security Updates: What’s New!
10 vulnerabilities are patched, including six 'High Severity' issues and two moderate and low severity issues are fixed.
SecurityWeek
Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK
Broadcom has cleared all regulatory hurdles and will complete its $69 billion acquisition of cloud technology company VMware.
Cyber Security News
North Korean Hackers Targeting CyberLink Users in Supply-chain Attack
Microsoft Threat Intelligence has uncovered a sophisticated supply chain attack orchestrated by the North Korean Hackers Diamond Sleet (ZINC)
The Hacker News
6 Steps to Accelerate Cybersecurity Incident Response
Effective Incident Response is more than just tools. It's a process. Explore the 6-step framework for successful IR.
The Hacker News
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
Active malware campaign exploits zero-day vulnerabilities to create a Mirai-based DDoS botnet targeting routers and NVR devices.
CyberNews
Ingo Money claimed by Inc ransomware
Ingo Money suspected to have suffered a ransomware attack.
Cyber Security News
WailingCrab Malware Abuse Messaging Protocol for C2 Communications
WailingCrab's backdoor component has been in contact with the C2 since the middle of 2023 via the lightweight IoT message protocol MQTT.
Infosecurity News
US Seizes $9m From Pig Butchering Scammers
Crypto funds are traced back to dozens of victims
Infosecurity News
North Korea Blamed For CyberLink Supply Chain Attacks
Legitimate app installer modified with malicious code
CyberNews
App used by hundreds of schools leaking children's data
Almost a million files with minors' data, including home addresses, photos, and information about the school they attend, were left open to anyone on the internet, posing a threat to children.
CyberNews
City in Texas attacked by Akira ransomware gang
Nassau Bay has admitted to having suffered a ransomware attack, leaving more than 8,000 affected.
Infosecurity News
British Library: Ransomware Attack Led to Data Breach
Reports suggest employee data is up for sale
CyberNews
Tri Counties Bank breach exposes user financial data
Tri Counties Bank data breach expose customer financial details.
CyberNews
DDoS has evolved in 2023: longer, more frequent, and more sophisticated
Novel approaches allow cyberattackers to bypass geoblocking defenses, flooding servers more frequently and for longer.
CyberNews
Microsoft alerts CyberLink to North Korean threat
Microsoft has alerted software company CyberLink to the misuse of its software by North Korean group Diamond Sleet.
Security Affairs
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack
Cyber Security News
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
Cyber Security News
Bug Hunter GPT - AI Assistant that Replies for Hacking Questions
A 23-year-old hacker and CS student, Paolo Arnolfo (@sw33tLie) recently introduced "Bug Hunter GPT," an AI assistant.
Cyber Security News
Citrix Warns Admin to Kill Active or Persistent Sessions to Thwart Hackers
This vulnerability affected Citrix NetScaler Gateway and ADC devices. Following this, AssetNote published a proof-of-concept for this vulnerability named “CitrixBleed.”
The Hacker News
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
North Korean hackers, aka Diamond Sleet, spread a trojanized version of CyberLink's legit app.
CSO
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
Cyberattacks have grown in frequency as well as sophistication as the Israel-Hamas conflict intensifies.
CyberNews
Exclusive-OpenAI researchers warned board of AI breakthrough ahead of CEO ouster -sources
Ahead of OpenAI CEO Sam Altman’s firing, staff researchers sent the Board a letter warning of a powerful artificial intelligence discovery that could threaten humanity.
CyberNews
FEAM Aero reportedly hit by ransomware
Feam Aero, the global aircraft maintenance and technical services company, has been claimed by the LockBit ransomware gang.
The Record
Kansas Supreme Court: Hackers stole records, confidential files in October attack
Hackers who attacked the Kansas court system last month stole records and confidential files, according to the state's Supreme Court.
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
Jule-Nisserne
Hygge Bjørn forårsager Strømafbrydelser i Norge
Et koordineret angreb fra Hygge Bjørn har lammet elnettet i flere norske byer, muligvis rettet mod it-sikkerhedsgruppen Fjeld Elg.
Security Affairs
New InfectedSlurs Mirai-based botnet exploits two zero-days
Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices.
CyberNews
Former OpenAI staffers slam CEO Sam Altman in new tell-all letter
Elon Musk is sent an anonymous letter dissing OpenAI’s Sam Altman - allegedly written by former OpenAI employees - and released hours before Altman is reinstated as CEO.
DarkReading
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
Bleeping Computer
Kansas courts confirm data theft, ransom demand after cyberattack
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole sensitive files containing confidential information from its systems.
Ars Technica
Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet
Internet scans show 7,000 devices may be vulnerable. The true number could be higher.
Bleeping Computer
Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.
Bleeping Computer
Welltok data breach exposes data of 8.5 million US patients
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
Bleeping Computer
Microsoft: Lazarus hackers breach CyberLink in supply chain attack
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
Bleeping Computer
New botnet malware exploits two zero-days to infect NVRs and routers
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
Infosecurity News
Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
SecurityWeek
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
Researchers say public exposure of Kubernetes configuration secrets should be considered a “ticking supply chain attack bomb.”
CSO
9 in 10 organizations have embraced zero-trust security globally
Nearly all of them still have a long way to go according to a new Cisco report.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
Infosecurity News
Employee Policy Violations Cause 26% of Cyber Incidents
Kaspersky said the figure closely rivals the 20% attributed to external hacking attempts
Bleeping Computer
The Black Friday 2023 Security, IT, VPN, & Antivirus Deals
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software.
Bleeping Computer
Open-source Blender project battling DDoS attacks since Saturday
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.
CyberNews
AI could shorten work week to four days within decade – for some
Same pay, longer weekends? That could be a reality as soon as 2033 – at least for those working in the more affluent areas of the US and the UK.
The Hacker News
New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login
🔒 Multiple vulnerabilities found in laptop fingerprint sensors—allowing attackers to bypass Windows Hello authentication on Dell, Lenovo, and Microso
CyberScoop
Researchers want more detail on industrial control system alerts
A vulnerability in an industrial control system exploited by a state-backed hacking group illustrate problems in how vendors share data.
Security Affairs
SiegedSec hacktivist group hacked Idaho National Laboratory (INL)
The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data.
Infosecurity News
Why Ensuring Supply Chain Security in the Space Sector is Critical
Cybersecurity challenges facing the space sector are unique and securing the supply chain is a high priority
SecurityWeek
185,000 Individuals Impacted by MOVEit Hack at Car Parts Giant AutoZone
Car parts giant AutoZone says nearly 185,000 individuals were impacted by a data breach caused by the MOVEit hack.
CyberNews
Netflix renews Black Mirror for season 7, Brooker teases surprises
Black Mirror, the mind-bending sci-fi show created by Charlie Brooker, is coming back to Netflix for a seventh season. Moreover, there are rumors of upcoming surprises.
CyberNews
Thousands of exposed gas pumps invite cyberwarriors
Gas station pump controllers could become vital targets in a cyber war.
SecurityWeek
Windows Hello Fingerprint Authentication Bypassed on Popular Laptops
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
SecurityWeek
Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board
OpenAI reached an agreement for Sam Altman to return to OpenAI as CEO with a new initial board of directors, after he was fired a week prior.
SecurityWeek
Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products
Microsoft invites researchers to new bug bounty program focused on vulnerabilities in its Defender products.
The Hacker News
North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
North Korean hackers posing as recruiters infect software developers with cross-platform malware.
SecurityWeek
Humans Are Notoriously Bad at Assessing Risk
7 Steps Toward Objective Risk Management: How security teams can ensure their risk assessment, management, and mitigation is as objective as possible.
Infosecurity News
LockBit Affiliates Exploiting Citrix Bleed, Government Agencies Warn
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
SecurityWeek
Kansas Officials Blame 5-Week Disruption of Court System on ‘Sophisticated Foreign Cyberattack’
Kansas court system said it would take several weeks to return to normal operations after a disruptive ransomware attack hit its systems.
Cyber Security News
Hackers Exploiting 0-day RCE Flaws in the Wild to Deploy Mirai Malware
The Mirai botnet is a malicious network of infected computers, routers, and IoT devices harnessed by cybercriminals to launch large-scale DDoS attacks.
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
Cyber Security News
Microsoft Defender Bounty Program: Rewards up to $20,000 USD
Microsoft introduced the Defender Bounty Program to enhance the security of customers' experience with rewards to researchers up to USD 20,000.
Security Affairs
CISA adds Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog
US CISA added Looney Tunables Linux vulnerability (tracked as CVE-2023-4911) to its Known Exploited Vulnerabilities catalog.
Infosecurity News
Microsoft Launches Defender Bug Bounty Program
Ethical hackers could win cash prizes of up to $20,000
Infosecurity News
Regulator Issues Privacy Ultimatum to UK’s Top Websites
ICO warns of enforcement action if they don’t give users fair choices
CyberNews
Killmilk allegedly identified as 30-year-old ex-convict – media
Killnet leader, Killmlilk, had his identity revealed.
CyberNews
ChatGPT rolls out voice chat feature for all users
Free ChatGPT users can now chat with OpenAI’s chatbot in voice messages.
Infosecurity News
Europol Launches OSINT Taskforce to Hunt For Russian War Crimes
New unit will scour the internet for evidence
Latest Hacking News
Canada Government Admits Data Breach Impacting Public Employees
The Government of Canada recently admitted suffering a security breach that impacted data of current and former public employees. The incident even affected the staff from the Royal Canadian Mounted Police and Canadian Armed Forces. Canada
CyberNews
Law enforcement seizes $9M in crypto stolen during romance scams
Nearly $9 million worth of Tether was seized from a cyber scam network that exploited victims through romance and cryptocurrency confidence scams.
Security Affairs
Enterprise software provider TmaxSoft leaks 2TB of data
TmaxSoft , a Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records.
CyberNews
MacOS targeted by ClearFake malware campaign
A data-stealing program that targets Mac operating systems (OS) is being distributed by means of fake web browser updates.
Security Affairs
Citrix provides additional measures to address Citrix Bleed
Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability.
CyberNews
OpenAI reinstates Sam Altman as CEO
Sam Altman to return as CEO of OpenAI.
CyberNews
Judge finds evidence that Tesla, Musk knew about Autopilot defect
According to a ruling, there is a "reasonable evidence" that Tesla Chief Executive Elon Musk and other managers knew vehicles had a defective Autopilot system but still allowed the cars to be driven unsafely.
CSO
Flaw in Citrix software led to the recent cyberattack on Boeing: Report
Malicious elements, including LockBit 3.0, managed to exploit vulnerabilities in Citrix software even after they were fixed.
The Hacker News
ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Ars Technica
USB worm unleashed by Russian state hackers spreads worldwide
LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?
The Record
North Korean attack on CyberLink impacted devices around the world, Microsoft says
Microsoft has uncovered a supply chain attack by North Korean hackers who attached a malicious file to a CyberLink photo and video editing application installer.
Trend Micro
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
The Record
Report claims to reveal identity of Russian hacktivist leader
Killmilk is a 30-year-old Russian citizen, according to the news site Gazeta.ru. The report has drawn extra scrutiny to Killnet, known for DDoS attacks on Western targets.
Trend Micro
Packet Reflection Threats in Private 5G Networks
Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks.
The Record
Federal agencies investigating data breach at nuclear research lab
Idaho National Laboratory, a prominent nuclear research lab within the U.S. Department of Energy, is investigating the breach after a hacktivist group claimed to infiltrate its systems.
The Record
Serbian civilians targeted with Pegasus on eve of national elections
Two international NGOs analyzed mobile devices belonging to two Serbians and found traces of spyware attack attempts.
The Record
Rebel offensive in Myanmar takes aim at online scam industry
An alliance of rebel groups in northern Myanmar is preparing to lay siege to the city of Laukkaing — a hub of the country’s flourishing cyber-scamming industry that has drawn criticism from Beijing.
The Record
Cyberattackers leaked data of 27,000 NYC Bar Association membersers
The Clop ransomware gang claimed to have attacked the organization in January. Eleven months later, the New York City Bar Association has finally acknowledged the incident.
The Record
Australia drops plans to ban ransomware payments in new national cyber strategy
The Australian government had floated the idea of criminalizing ransomware payments by businesses. Instead, it plans to require them to disclose when they have been hit by a ransomware attack.
Bleeping Computer
Microsoft now rolling out Copilot to Windows 10 devices
Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
Bleeping Computer
Hacktivists breach U.S. nuclear research lab, steal employee data
The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online.
DarkReading
DPRK Hackers Masquerade as Tech Recruiters, Job Seekers
No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.
Bleeping Computer
Lumma malware can allegedly restore expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Bleeping Computer
Malware dev says they can revive expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
CyberNews
OpenAI board, Altman in talks for return of former CEO
Sam Altman and OpenAI's board have opened up discussions to bring back the former CEO and founder of the AI startup, while investors seek legal action.
Security Affairs
Tor Project removed several relays associated with a suspicious cryptocurrency scheme
The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users
Bleeping Computer
Microsoft launches Defender Bounty Program with $20,000 rewards
Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000.
Bleeping Computer
Auto parts giant AutoZone warns of MOVEit data breach
AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks.
Bleeping Computer
CISA orders federal agencies to patch Looney Tunables Linux bug
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.
Infosecurity News
India Faces Surge in IM App Attacks With Trojan Campaigns
Microsoft highlighted a shift in tactics, with attackers directly sharing malicious APK files
Bleeping Computer
Citrix warns admins to kill NetScaler user sessions to block hackers
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.
DarkReading
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
Infosecurity News
Konni Campaign Deploys Advanced RAT With UAC Bypass Capabilities
Fortinet researchers have detected a malicious Word document displaying Russian text
.webp)
Cyber Security News
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP
Rhysida, a new ransomware group, hit its first victim in May 2023. They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims listed on their website.
Bleeping Computer
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Infosecurity News
DarkGate and PikaBot Activity Surge in the Wake of QakBot Takedown
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
CyberNews
Cybersec executive caught hacking hospitals to boost business
Cybersecurity exec plead guilty to hacking hospitals to boost business.
Bleeping Computer
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
The Criminal IP Threat Intelligence (CTI) search engine has integrated its IP address and URL scans into VirusTotal. Learn more from Criminal IP about how this integration can help you.
SecurityWeek
LLM Security Startup Lasso Emerges From Stealth Mode
Lasso Security raises $6 million in seed funding to tackle cyber threats to secure generative AI and large language model algorithms.
DarkReading
AI Helps Uncover Russian State-Sponsored Disinformation in Hungary
Researchers used machine learning to analyze Hungarian media reports and found Russian narratives soured the nation's perspective on EU sanctions and arms deliveries months before the Ukraine invasion.
Cyber Security News
CISA Releases Cyber Attack Mitigation for Healthcare Organizations
CISA has released a Cyber Attack Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) Sector.
Ars Technica
95% of OpenAI employees have threatened to quit in standoff with board
OpenAI's future hangs in the balance as staff says they'll join former CEO at Microsoft.
Cyber Security News
LummaC2 Employs Trigonometry to Track Mouse Movements
MaaS (Malware-as-a-Service) thrives as a top choice for new cyber threats, offering easy access to powerful tools. Threat actors primarily focus on information theft under Maas, specializing in stealing and leaking sensitive data from hacked devices.
Infosecurity News
Black Friday: Significant Security Gaps in E-Commerce Web Apps
Millions of consumers’ PII could be at risk due to exploitable vulnerabilities and a lack of basic security protocols in e-commerce web apps
The Hacker News
Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use it.
Cyber Security News
Hackers Attacking Apache Web Servers to Install Coinminers
An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently.
SecurityWeek
CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities
New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support.
CyberNews
The Grinch stole the Holidays: how bots affect Black Friday
Bot use in online shopping is driving prices far above the rate of inflation. During the busiest shopping season of the year, bots are causing headaches for both shoppers and retailers.
Bleeping Computer
Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN
Malwarebytes' is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount to the Malwarebytes Premium + Privacy VPN bundle until November 30th.
CyberNews
Ransomware that all the script kiddies want to Play with
The Russian-affiliated threat actor Play ransomware gang is now a service for sale, according to cybersecurity analyst Adlumin.
CyberNews
Enterprise software provider Tmax leaks 2TB of data
Tmax has leaked over 50 million sensitive records.
SecurityWeek
Canadian Military, Police Impacted by Data Breach at Moving Companies
Data breaches at two moving companies impacts Canadian government employees, and military and police personnel.
SecurityWeek
Tor Network Removes Risky Relays Associated With Cryptocurrency Scheme
The Tor network has removed many relays associated with a cryptocurrency scheme, citing risk to integrity and users.
The Hacker News
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
New variant of Agent Tesla malware identified. It's a keylogger and remote access trojan (RAT) offered as part of a malware-as-a-service (MaaS) model.
SecurityWeek
Insider Q&A: Pentagon AI Chief on Network-Centric Warfare, Generative AI Challenges
Interview with Craig Martell, Chief Digital and AI Officer (CDAO) for the U.S. Department of Defense, about AI use in the military.
SecurityWeek
Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago
Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.
Security Affairs
Experts warn of a surge in NetSupport RAT attacks
Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors.
SecurityWeek
Sumo Logic Completes Investigation Into Recent Security Breach
Sumo Logic has completed its investigation into the recent security breach and found no evidence of impact to customer data.
The Hacker News
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
CyberNews
US nuclear lab confirms data breach
Attackers claim to have breached the Idaho National Laboratory, a nuclear facility.
Infosecurity News
Cybersecurity Executive Pleads Guilty to Hacking Hospitals
Securolytics COO wanted to drum up custom
CyberNews
Appin group legacy: Indian cyber mercenaries will hack for coin
Researchers from SentilenLabs with a high confidence level attributed intrusions in Norway, Pakistan, China, and India to Appin.
Cyber Security News
Nessus Vulnerability Let Attackers Alter Rules Variables
An arbitrary file write vulnerability has been discovered in Nessus which allows an authenticated, attacker to perform a denial of service.
Cyber Security News
Hackers Infect Linux Machines with Rootkits via Apache ActiveMQ Vulnerability
Trend Micro researchers recently revealed Apache ActiveMQ vulnerability (CVE-2023-46604) was actively exploited.
Infosecurity News
Ukraine Sacks Two Senior Cyber Officials
Duo linked to corruption investigation
The Hacker News
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency mi
CyberNews
Americans view conspiracy theories as dangerous but still believe them
An overwhelming majority of Americans believe misinformation is an existential threat to society. But a solid chunk of the nation accepts conspiracy theories as true.
Infosecurity News
US Cybersecurity Lab Suffers Major Data Breach
Idaho National Laboratory is also a center for nuclear research
CyberNews
Fake online stores flood the internet ahead of Black Friday
The number of blocked fake retail sites has more than doubled compared to the previous year, urging shoppers to be cautious.
CyberNews
Salesforce and other rivals want to recruit unhappy OpenAI researchers
The recruitment drive has begun. Marc Benioff, CEO of software company Salesforce, has said that he will match the salary of any researcher who resigns from OpenAI.
CyberNews
Cybersecurity analyst disowns threat actor ‘twin’
Vx-Underground is a regular fixture on Twitter, aka X, regularly posting bulletins regarding threat actors.
CyberNews
AutoZone adds itself to MOVEit victim list
US automotive parts giant says up to nearly 185,000 people may have been affected by cyberattack earlier this year.
CyberSecurity Dive
Companies are getting smarter about cyber incidents
Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.
CyberSecurity Dive
SMBs hit by rise in legitimate tool-based attacks
Attackers are moving away from malware and evading detection by abusing remote monitoring and management software, according to Huntress research.
The Hacker News
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
📱 Alert: Android users in India, beware! Hackers are distributing fake banking and government apps to steal sensitive data like bank info and persona
Security Affairs
The Top 5 Reasons to Use an API Management Platform - Security Affairs
Organizations need to govern and control the API ecosystem, this governance is the role of API management.
CSO
MOVEit carnage continues with over 2600 organizations and 77M people impacted so far
The number of companies impacted by one of the biggest cyberattack incidents of the year continues to grow.
The Hacker News
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
China-linked Mustang Panda cyber actor targets Philippines government entity amid South China Sea tensions.
Bleeping Computer
Tor Project removes relays because of for-profit, risky activity
The Tor Project has explained its recent decision to remove multiple network relays that represented a threat to the safety and security of all Tor network users.
The Record
UK regulator demands websites let users ‘Reject All’ cookies
Top websites in the United Kingdom have 30 days to comply with the country’s privacy laws or they will “face the consequences,” the Information Commissioner's Office said.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
The Record
Crypto firm Kronos Research says $26 million stolen after cyberattack
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack.
The Record
Hackers create fake banking apps to steal financial data from Indian users
Researchers have uncovered an ongoing information-stealing campaign targeting customers of Indian banks with mobile malware.
The Record
Navy unveils its first cyber strategy
The U.S. Navy on Tuesday released its long-awaited cyber strategy, as the service tries to revamp its efforts in the digital domain after years of personnel and readiness issues.
The Record
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
The Record
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
CyberNews
Ukraine’s top two cybersecurity officials axed amid embezzlement probe
Two heads of Ukraine’s national cybersecurity agency were fired Monday amid accusations of participating in an embezzlement scheme involving millions in state funds.
CyberScoop
Detailed data on employees of U.S. national security lab leak online
The hacking group SiegedSed released personal data on thousands of employees at the Idaho National Laboratory, the nuclear research lab.
Bleeping Computer
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
Security Affairs
Canadian government impacted by data breaches of its contractors
The Canadian government discloses a data breach after threat actors hacked two of its contractors.
Bleeping Computer
Microsoft fixes ‘Something Went Wrong’ Office sign-in errors
Microsoft is rolling out fixes for known Microsoft 365 issues causing 'Something Went Wrong [1001]' sign-in errors and rendering desktop applications unusable for many customers.
DarkReading
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
Bleeping Computer
VX-Underground malware collective framed by Phobos ransomware
A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor.
CyberNews
British Library ransom attack claimed, data leak confirmed
The British Library confirms data has been leaked as it struggles to recover from a November 6 ransomware attack claimed by the e Rhysida ransom gang.
Bleeping Computer
Cybersecurity firm executive pleads guilty to hacking hospitals
The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business.
Security Affairs
Rhysida ransomware gang is auctioning data stolen from the British Library
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage.
CyberScoop
Senior Ukrainian cybersecurity officials sacked amid corruption probe
Yurii Shchyhol and Victor Zhora were accused of participating in a scheme to contract software at inflated prices.
Bleeping Computer
Canadian government discloses data breach after contractor hacks
The Canadian government says two of its contractors have been hacked, exposing sensitive information belonging to an undisclosed number of government employees.
Infosecurity News
CISA Unveils Healthcare Cybersecurity Guide
The guide outlines mitigation strategies and best practices to counteract prevalent cyber-threats
Bleeping Computer
Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
Infosecurity News
Infostealer Lumma Evolves With New Anti-Sandbox Method
Outpost24 explained the technique relies on trigonometry to discern genuine human behavior
Bleeping Computer
Rhysida ransomware gang claims British Library cyberattack
The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage.
Ars Technica
OpenAI employees revolt after board names new CEO and Altman heads to Microsoft
Ilya Sutskever announces regret; 505 OpenAI employees sign letter asking board to resign.
The Hacker News
NetSupport RAT Infections on the Rise - Targeting Government and Business Sectors
Education, government, and businesses are under attack by NetSupport RAT, a dangerous remote access trojan.
CyberNews
Hundreds of OpenAI staff threaten to resign and join Altman at Microsoft
After OpenAI's board confirmed that Sam Altman would not return as the firm’s CEO, most of its employees said they would resign en masse if the decision wasn't reversed.
Bleeping Computer
How to boost Security with Self-Service Password Resets
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
CyberNews
Best botnet ad? An attack on OpenAI
Anonymous Sudan attacks on OpenAI and Cloudlfare are meant to show the groups' capabilities.
Latest Hacking News
Google Workspace Vulnerabilities Risk Security Breaches – Warn Researchers
Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat
SecurityWeek
CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations
New CISA guidance details cyber threats and risks to healthcare and public health organizations and recommends mitigations.
The Hacker News
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
The Hacker News
Product Walkthrough: Silverfort's Unified Identity Protection Platform
Silverfort's Unified Identity Protection Platform: A game-changer in cybersecurity. Discover how it protects organizations from identity-based attacks
Bleeping Computer
Lumma Stealer malware now uses trigonometry to evade detection
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
SecurityWeek
Morgan Stanley Fined $6.5 Million for Exposing Customer Information
Morgan Stanley agrees to pay $6.5 million for exposing personal information through negligent data-security practices.
.webp)
Cyber Security News
LitterDrifter Powershell Worm Rapidly Spreads on USB Drives by Itself
Gamaredon (aka Primitive Bear, ACTINIUM, and Shuckworm), stands out in Russian espionage by exclusively targeting Ukrainian entities.
CyberNews
Largest companies pausing ads on X over antisemitic storm, Musk vows revenge
After Elon Musk, the owner of X, amplified an antisemitic trope on the platform, major firms have suspended advertising on the site.
SecurityWeek
Microsoft Hires Sam Altman and OpenAI’s New CEO Vows to Investigate His Firing
Microsoft hired ex-Open AI chief Sam Altman and another architect of OpenAI for a new venture after their sudden departures.
Security Affairs
APT29 group exploited WinRAR 0day in attacks against embassies
Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks.
Cyber Security News
Splunk RCE Vulnerability Let Attackers Upload Malicious File
A high-severity Remote Code Execution (RCE) flaw in Splunk Enterprise has been discovered, enabling an attacker to upload malicious files.
Cyber Security News
Hackers Exploit Google Workspace to Exfiltrate Data and Deploy Ransomware
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
SecurityWeek
Johnson Controls Patches Critical Vulnerability in Industrial Refrigeration Products
Johnson Controls patches a critical vulnerability that can be exploited to take complete control of Frick industrial refrigeration products
SecurityWeek
5 Steps to Assessing Risk Profiles of Third-Party SSE Platforms
Secure Services Edge (SSE) platforms can introduce loopholes & vulnerabilities; it's crucial to assess the risk profiles of SSE platforms.
SecurityWeek
Yamaha Motor Confirms Data Breach Following Ransomware Attack
Yamaha Motor discloses ransomware attack impacting the personal information of its Philippines subsidiary’s employees.
Latest Hacking News
Google Elaborates On Campaigns Exploiting A Now-Patched Zimbra Zero-Day
Months after ensuring that the patch actually works, Google has now disclosed more details about active exploitation of a Zimbra zero-day vulnerability. The tech giant explained how the threat actors exploited the Zimbra zero-day in
SecurityWeek
Russia's LitterDrifter USB Worm Spreads Beyond Ukraine
Russian Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries.
Latest Hacking News
Intel Released Urgent Patch For Reptar Vulnerability In Its CPUs
Intel recently released a critical security fix for a newly discovered vulnerability affecting its CPUs. Dubbed “Reptar,” the vulnerability affects most modern Intel chips, attracting attention from numerous security researchers. Considering its severity, patching the
The Hacker News
Why Defenders Should Embrace a Hacker Mindset
Prioritizing cybersecurity is key. Learn how to prioritize remediation based on impact and protect your organization's crown jewels.
CyberSecurity Dive
CISA explains how to apply secure-by-design principles
The focus should be on what manufacturers are doing to keep their customers safe, not the damage attackers might be inflicting, CISA’s Bob Lord said.
SecurityWeek
250 Organizations Take Part in Electrical Grid Security Exercise
Over 250 organizations take part in GridEx VII, the largest North American exercise focusing on the security of the electrical grid.
The Hacker News
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
New LummaC2 malware uses trigonometry-based tactic to differentiate between users and security systems, evading sandboxes and security analyses.
SecurityWeek
US Announces $70 Million Cybersecurity Boost for Rural, Municipal Utilities
The US Department of Energy is offering $70 million in funding to improve the cybersecurity of rural and municipal utilities.
Infosecurity News
Secretary Fined For Accessing Scores of Patient Records
NHS worker broke strict rules governing the special category data
CyberSecurity Dive
‘Honesty’: Estes details its playbook for responding to a cyberattack
Being open about the incident engendered goodwill from customers and colleagues, executives said.
CyberNews
Tech whiz kid Sam Altman is out of OpenAI for good: what happened?
Sam Altman, the ousted CEO of ChatGPT creator OpenAI, will definitely not return to the company he co-founded. It’s time to ask what happened.
CyberNews
Microsoft hires Sam Altman as OpenAI announces his replacement
OpenAI has appointed ex-Twitch boss Emmett Shear to lead the startup, replacing Sam Altman who will join the company's top backer Microsoft to lead a new advanced AI research team, the CEO of the software giant said.
Infosecurity News
Russia’s APT29 Targets Embassies With Ngrok and WinRAR Exploit
Threat group may be looking for intel on Azerbaijan
SecurityWeek
K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs
K-12 schools improve protection against cyberattacks, but many are still vulnerable to ransomware gangs, says Biden administration
Infosecurity News
NCSC Announces New Standard For Indicators of Compromise
Security agency authors first RFC document for IETF
CyberNews
Canadian Armed Forces, Mounties exposed in data breach
Members of the Canadian Armed Forces members, public servans, Mounties were exposed in a massive data breach.
CyberNews
Most cyberattacks in Russia come from China and North Korea
China and North Korea were behind most of state-sponsored cyberattacks in Russia, according to the country’s security firm Solar.
The Hacker News
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
🚨 Bitcoin wallets created from 2011 to 2015 vulnerable to "Randstorm" exploit, potentially allowing unauthorized access by recovering passwords.
CyberNews
Clearview AI $10M fine still under dispute as UK regulator appeals
The Information Commissioner's Office has appealed a tribunal decision to overturn a fine levied against it over data privacy.
Security Affairs
DarkCasino joins the list of APT groups exploiting WinRAR 0day
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
CyberNews
Welltok MOVEit hack impacts 1.6M individuals
Welltok MOVEit Trasnfer breach impacted millions of individuals.
Security Affairs
US teen pleads guilty to his role in credential stuffing attack on betting site
US teenager Joseph Garrison pleads guilty to carrying out a credential-stuffing attack on a betting website.
.webp)
Cyber Security News
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
The Hacker News
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
Indian Hack-for-Hire Group targeted U.S., China, Pakistan, and more for over a decade.