CyberNews
Taylor Swift deepfakes amass 47 million views on X
On Wednesday, sexually explicit AI-generated images of artist Taylor Swift flooded X.
CyberNews
X lifts ban on Taylor Swift searches since explicit fakes frenzy
X ended the ban on searches for Taylor Swift Monday evening, in place after fake sexually explicit images of Swift proliferated on the platform last week.
CyberNews
Pro-Trump banner held by Taylor Swift at Grammys is fake
A video of artist Taylor Swift holding a pro-Trump banner has begun circulating on X after the Grammy’s.
The Hacker News
UpdateAgent Returns with New macOS Malware Dropper Written in Swift
Researchers have identified a new variant of UpdateAgent macOS malware dropper in the wild, written in SWIFT.
Computerworld
Microsoft and the Taylor Swift genAI deepfake problem
The faked images of singer Taylor Swift that showed up online are likely just the beginning of a coming swarm of deepfakes. Don’t look to Microsoft to do much about the problem.
CyberNews
Taylor Swift debacle spurs tech world and US lawmakers into action
Since the fake sexually explicit images of Taylor Swift went viral, Microsoft has fixed its generative AI tool and US lawmakers have proposed new regulation.
Security Affairs
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads. […]
Bleeping Computer
QBot malware abuses Windows WordPad EXE to infect devices
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software.
Bleeping Computer
QBot phishing abuses Windows Control Panel EXE to infect devices
Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software.
Trend Micro
AI Auctions: Collectibles, Taylor Swift, Jordan Bots
Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia.
Ars Technica
Banks on alert for Russian reprisal cyberattacks on Swift
Payments messaging system could be targeted as pinch point of global transactions network.
Bleeping Computer
npm packages hide TurkoRAT malware in what looks like a NodeJS EXE
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan.
DarkReading
Killnet Threatens Imminent SWIFT, World Banking Attacks
The DDoS collective claims to be teaming up with ReVIL and Anonymous Sudan for destructive financial attacks in retaliation for US aid in Ukraine, but the partnerships (and danger) are far from verified.
The Record
EU: SWIFT to cut off access to some Russian banks
What you need to know about this major financial tech change.
CyberNews
Russian cybercriminals fear SWIFT ban, don't trust crypto | CyberNews
Threat actors fear the country's going back to Soviet era economy.
The Record
Ticketmaster blames ‘bot attacks’ for Taylor Swift ticket fiasco
Ticketmaster blamed “bot attacks” for the controversy surrounding their sale of tickets for Taylor Swift’s upcoming tour.
Latest Hacking News
Microsoft Rolls Out Security Copilot For Swift Incident Response
The Redmond-based tech giant goes a step ahead in the AI race by utilizing AI’s power for cybersecurity. Specifically, Microsoft now rolls out “Security Copilot” to help the cybersecurity community with fast incidence response. Microsoft Security
Infosecurity News
Ticketmaster Claims Bot Attack Disrupted Taylor Swift Tour Sales
Joe Berchtold, president of Live Nation, made the claims at a congressional committee Tuesday
DarkReading
Name That Toon: Swift as an Arrow
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Infosecurity News
Barracuda Urges Swift Replacement of Vulnerable ESG Appliances
Investigating the ESG bug, Rapid7 assumed the presence of persistent malware hindering device wipes
DataBreaches
Ticketmaster says cyberattack disrupted Taylor Swift ticket sales
Josh Sisco and Maggie Miller report: Ticketmaster was hit by a cyberattack in November that led to the problems with ticket sales for Taylor Swift’s upcoming...
Infosecurity News
New NCUA Rule Requires Swift Cyber Incident Reporting
Credit unions will be obligated to notify the NCUA about any cyber incident within 72 hours
Latest Hacking News
Cloudflare Launches "Friendly Bots" For Swift Bot Verification
Amidst the rising of bots, Cloudflare has rolled out “Friendly Bots” – a bot validation service. With this feature, Cloudflare aims to accelerate and improvise manual bot validation. Cloudflare Rolls Out Friendly Bots Sharing the details via
Bleeping Computer
Criminal IP and Tenable Partner for Swift Vulnerability Detection
Cyber Threat Intelligence (CTI) search engine Criminal IP has established a technical partnership with Tenable. Learn more from Criminal IP about how this partnership can assist in real-time vulnerability and maliciousness scans.
The Record
Senators slam Ticketmaster for reporting just one bot case to FTC despite Taylor Swift fiasco claims
Several U.S. Senators criticized Ticketmaster during a hearing on Tuesday for only reporting one case of bot abuse to the FTC.
Bleeping Computer
Qbot, Lokibot malware switch back to Windows Regsvr32 delivery
Malware distributors have turned to an older trick known as Squiblydoo to spread Qbot and Lokibot via Microsoft Office document using regsvr32.exe.
The Record
Vevo announces investigation after YouTube accounts for Rihanna, Justin Beiber, Taylor Swift, Kanye and more hacked
Multinational video hosting service Vevo said it will be investigating a recent incident where someone took over the YouTube pages for several high-profile artists and either uploaded music videos or changed the names of popular videos.
ZDNet
NSA to developers: Think about switching from C and C++ to a memory safe programming language
For many developers, that could mean a shift towards C#, Go, Java, Ruby, Rust, and Swift.
CyberSecurity Dive
CISA summons outside tips to alert victims of early-stage ransomware
Post-breach notifications might seem too late for victim organizations, but swift action can prevent ransomware and data exfiltration.
DataBreaches
Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response
Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into the big game, one California insurance broker faced its own...
Cyber Security News
Critical Flaw in Zip Libraries Let Attackers Abuse ZIP archives
Recent reports indicate that there have been several vulnerabilities found in popular ZIP libraries of Swift and Flutter.
CyberNews
The latest malicious activity and how to deal with it
Explaining recent malicious activity and analyzing its examples.
The Cyber Express
Connecticut College Responds to Data Breach: Credit Monitoring Offered to Impacted Individuals
Connecticut College has recently revealed a significant data breach incident, prompting swift and proactive measures to address the incident and
Cyber Security News
LockBit Making A Comeback After The Massive Takedown
The notorious ransomware group LockBit has re-emerged on the dark web, signaling a swift comeback less than a week after a significant
CyberNews
UMG label to pull music from TikTok after AI dispute
Universal Music Group, representing artists such as Taylor Swift, Ariana Grande, and Billie Eilish, will pull its music from TikTok after unsolved royalty disagreements.
Bleeping Computer
Microsoft Sysmon can now block malicious EXEs from being created
Microsoft has released Sysmon 14 with a new 'FileBlockExecutable' option that lets you block the creation of malicious executables, such as EXE, DLL, and SYS files, for better protection against malware.
DarkReading
Malicious npm Package Poses as Tailwind Tool
Branded as a components library for two popular open source resources, Material Tailwind instead loads a Windows .exe that can run PowerShell scripts.
Security Affairs
Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents
The Uptycs threat research team has been observing an increase in utilization of regsvr32.exe heavily via various types of Microsoft Office documents. The full report that includes Indicators of Compromise (IOCs) is available here: https://www.uptycs.com/blog/attackers-increasingly-adopting-regsvr32-utility-execution-via-office-documents During our analysis of these malware samples, we have identified that some of the malware samples belonged to Qbot and […]
The Hacker News
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
Discover the details of the recent AnyDesk cyber attack, including the company’s swift response to secure its production systems and the steps users s
.jpg)
DarkReading
Royal Ransom Demands Exceed $275M, Rebrand in Offing
The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago.
DarkReading
Mysterious Mystic Stealer Spreads Like Wildfire in Mere Months
A criminal crowd-sourcing campaign has led to swift adoption of the stealer, which can pilfer key computer data, credentials from browsers and chat apps, and cryptocurrency from multiple wallets.
Trend Micro
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation.
Trend Micro
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Trend Micro
Tailing Big Head Ransomware’s Variants, Tactics, and Impact
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware.
Cyber Security News
Hackers Weaponize Word Files To Deliver DanaBot Malware
Recent email campaigns distribute DanaBot malware through two document types: those using equation editor exploits and those containing
Trend Micro
Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO
The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.
The Hacker News
New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA
Financial organizations in APAC & MENA are under attack. A sophisticated threat dubbed JSOutProx combines JavaScript & .NET to infiltrate systems.
Trend Micro
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content.
DarkReading
Microsoft Simplifies Security Patching Process for Exchange Server
Delivering hotfixes and system updates separately will allow manual patching without requiring elevated permissions, Microsoft said.
CyberNews
Katy Perry's AI-generated image at the Met Gala confuses her own mother
Deepfake images of Katy Perry at this year's Met Gala are gaining a lot of attention online, and people are falling for it.
Cyber Security News
Hackers Exploit Google Ads Tracking Feature To Deliver Malware
Google Ads is a big platform with a wide user base which makes it attractive for threat actors who want to reach many targets at once.
The Hacker News
Researchers Warn of 'Raspberry Robin' Malware Spreading via External Drives
Security researchers have discovered a new Windows malware with worm-like capabilities that is propagated via removable USB devices.
Cyber Security News
Hackers Mimic Popular VPN Download page to Deliver Malware
Threat actors have been using domestic VPN installation files for distributing SparkRAT malware which leads to MeshAgent infection on the victim systems.
Bleeping Computer
Fake Solana Phantom security updates push crypto-stealing malware
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets.
Bleeping Computer
Solana Phantom security update NFTs push password-stealing malware
Hackers are airdropping NFTs to Solana cryptocurrency owners pretending to be alerts for a new Phantom security update that lead to the installation of password-stealing malware and the theft of cryptocurrency wallets.
Ars Technica
High-speed AI drone beats world-champion racers for the first time
University creates the first autonomous system capable of beating humans at drone racing.
The Hacker News
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
A Japanese cryptocurrency exchange fell victim to a recent cyberattack, deploying the stealthy JokerSpy backdoor on Apple macOS.
Cyber Security News
Threat Actors Using Mimikatz Hacking Tool to Deploy Trigona Ransomware
Trigona ransomware attacks Windows with uncommon techniques and uses the Mimikatz exploitation tool. Read more here.
CyberNews
Super crypto predictions for the Super Bowl
Super Bowl predictions and betting in the crypto world
Cyber Security News
Snake Keylogger Steals victim Logins, Keystrokes, & Capture Screen
Snake Keylogger, a .NET infostealer malware, also known as 404 Keylogger, steals credentials, keystrokes, and screenshots, collects system info
Bleeping Computer
Malicious Notepad++ installers push StrongPity malware
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware.
Cyber Security News
Hackers Use Weaponized PDF Files to Attack Manufacturing, Commercial, and Healthcare Organizations
Recently, eSentire TRU reported, Hackers Use Weaponized PDF Files to Attack Manufacturing, Commercial, and Healthcare Organizations.
Cyber Security News
Hackers Weaponize PDF Files to Deliver Multiple Ransomware Variants
PDF files are commonly used for their versatility, making them a prime target for malware delivery because they can embed malicious scripts or links.
Security Affairs
Long-existing Bandook RAT targets Windows machines
A new variant of the Bandook remote access trojan (RAT) was spotted in attacks aimed at Windows machines.
SecurityWeek
User Documents Overwritten With Malicious Code in Recent Dridex Attacks on macOS
Malicious macros used for payload delivery in recent Dridex attacks targeting macOS systems added to all the victim’s document files.
Latest Hacking News
This "teler-waf" Tool Protects Go Apps From Web-based Attacks
A security researcher has released a new security tool that fends off web-based attacks like cross-site scripting, SQL injections, and others. Dubbed “teler-waf”, the tool typically aims at protecting Go apps from such attacks by
Trend Micro
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks.
Cyber Security News
Beware!! King of Malware Emotet Attack Windows User Via Weaponized Excel Files
Researchers uncovered an infamous and one of long-living malware "Emotet" which is being distributed over a malicious Excel File.
ThreatPost
Living Off the Land: How to Defend Against Malicious Use of Legitimate Utilities
LOLBins help attackers become invisible to security platforms. Uptycs provides a rundown of the most commonly abused native utilities for Windows, Linux and macOS – and advice for protection.
Bleeping Computer
Microsoft's Halo dev site breached using dependency hijacking
Microsoft has once again been successfully hit by a dependency hijacking attack. This month, another researcher found an npm internal dependency being used by an open-source project. After publishing a public dependency by the same name, he began receiving messages from Microsoft's Halo game dev servers.
Trend Micro
SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of ransomware-as-a-service affiliates.
DarkReading
Attackers Abuse Google Ad Feature to Target Slack, Notion Users
Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.
SecurityWeek
'BatBadBut' Command Injection Vulnerability Affects Multiple Programming Languages
A critical vulnerability in multiple programming languages allows attackers to inject commands in Windows applications.
Trend Micro
Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence
This blog entry will examine Trend Micro MDR team's investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group.
The Hacker News
New Bandook RAT Variant Resurfaces, Targeting Windows Machines
New Bandook Trojan variant targets Windows users! Disguised in phishing emails as PDFs.
Cyber Security News
FARGO Ransomware Attacks MS-SQL Servers To Encrypt Internet Services
Cybersecurity experts at the ASEC (AhnLab Security Emergency Response Center) analysis team have recently warned that Microsoft SQL servers that are vulnerable to attacks have been targeted by the ransomware called FARGO in a new wave of attacks. An MS-SQL server is a system that is used for storing and managing data related to internet […]
Security Affairs
DragonSpark threat actor avoids detection using Golang source code Interpretation
Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]
Cyber Security News
Chinsese Hackers Using Golang Source Code Interpreter To Bypass Detection
Researchers uncovered a new technique employed by Chinese threat actors in which Golang Source Code Interpreter used to evade detection.
Trend Micro
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.
Bleeping Computer
EmoCheck now detects new 64-bit versions of Emotet malware
The Japan CERT has released a new version of their EmoCheck utility to detect new 64-bit versions of the Emotet malware that began infecting users this month.
Cyber Security News
ChatGPT Powered Polymorphic Malware Bypasses Endpoint Detection Filters
The number of monthly users of ChatGPT exceeded 100 million at the end of January, which sets a new record for the fastest-growing app
The DFIR Report
BumbleBee Roasts Its Way to Domain Admin
In this intrusion from April 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee is a malware loader that was first reported by Google Threat Analysis Group in March 2022…
The DFIR Report
IcedID Macro Ends in Nokoyawa Ransomware - The DFIR Report
Threat actors have moved to other means of initial access, such as ISO files combined with LNKs or OneNote payloads, but some appearances of VBA macros in Office documents can … Read More
Cyber Security News
U.S Federal Agency Hacked - Attackers Exploited Telerik Vulnerability in IIS Server
A joint operation conducted by DHS, FCEB, and CISA Identified multiple attempts of a cyber attack on the U.S. Government IIS Server.
Security Affairs
Raspberry Robin malware used in attacks against Telecom and Governments
The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in […]
Security Affairs
Raspberry Robin malware used in attacks against Telecom and Governments
The Raspberry Robin worm attacks aimed at telecommunications and government office systems across Latin America, Australia, and Europe. Researchers from Trend Micro have uncovered a Raspberry Robin worm campaign targeting telecommunications and government office systems across Latin America, Australia, and Europe. The campaign has been active since at least September 2022, most of the infections have been observed in […]
Cyber Security News
Meet The New Qakbot DLL That Abuses Windows Process For persistence
Law enforcement dismantled the Qakbot botnet's servers in 2023's Operation Duck Hunt, but researchers identified its reemergence with a
The DFIR Report
Malicious ISO File Leads to Domain Wide Ransomware - The DFIR Report
IcedID continues to deliver malspam emails to facilitate a compromise. This case covers the activity from a campaign in late September of 2022. Post exploitation activities detail some familiar and … Read More
Infosecurity News
Ukraine's Delta Military Intel System Hit by Attacks
Phishing campaign spotted by CERT-UA
Cyber Security News
Hackers Attack Unpatched Citrix NetScaler Systems to Deploy Ransomware
Threat actors targeting unpatched Citrix NetScaler systems exposed to the internet are being tracked by Sophos X-Ops.
Trend Micro
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign.
The DFIR Report
BumbleBee: Round Two
In this intrusion from May 2022, the threat actors used BumbleBee as the initial access vector. BumbleBee has been identified as an initial access vector utilized by several ransomware affiliates. …
SecurityWeek
Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks
Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date.
Cyber Security News
Operation PhantomBlu: Attackers Utilising Weaponized MS Office Doc to Hack Windows
Researchers from Perception Point identified a new malware campaign, PhantomBlu, targeting US organizations that use novel techniques to deploy NetSupport RAT, a remote access trojan, by exploiting legitimate features of Microsoft Office document templates via OLE manipulation. It allows the attackers to evade detection and gain control of victim machines for various malicious activities, including […]
Cyber Security News
IcedID Malware Let Attackers Compromise the Active Directory Domain
In a recent incident, within just 24 hours of initial access, the IcedID (aka BokBot) malware was used to successfully penetrate the Active Directory domain of an unnamed target.
Latest Hacking News
Latest Google Chrome Update Fixed Another Zero-Day Flaw
Heads up Chrome users! Google has just pushed another update to its Chrome browser, once again, fixing a zero-day flaw. Users should ensure they update their systems at their earliest to avoid potential exploits. Google Chrome
The Hacker News
North Korea Hackers Spotted Targeting Job Seekers with macOS Malware
North Korea-backed Lazarus Group has been observed attacking job seekers with malware that can run on Apple Macs with Intel and M1 chipsets.
Bleeping Computer
Microsoft PowerToys now requires Windows 10 1903 and later
Microsoft released PowerToys v0.37.0 yesterday with minor improvements and a significant change - it now requires a minimum version of Windows 10 1903.
Security Affairs
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats Introduction A new variant of a Brazilian trojan has impacted Internet end users in Portugal since last month (February 2022). Although there are no significant differences and sophistication in contrast to other well-known trojans such as Maxtrilha, URSA, and Javali, an analysis […]
Trend Micro
Dridex Returns, Targets MacOS Using New Entry Method
The Dridex variant we analyzed targets MacOS platforms with a new technique to deliver documents embedded with malicious macros to users.
Loading more articles....