You can hardly call cryptocurrency an anonymous means of payment. After all, since all transactions (well, almost all; more on that below) are written to the blockchain, the movement of cryptocurrency is fairly easy to trace. There are specialized analytical tools that make it relatively convenient and easy to locate show more ...
Episode 298 of the Transatlantic Cable Podcast kicks off with news that ChatGPT recently suffered a data-breach, raising concerns about the amount of information we hand over to the AI chatbot. From there, the team discuss a recent story around QR scams in South Korea. Moving on from QR codes, the team spoke to show more ...
Dubbed "ChattyGoblin," the China-backed actors use chatbots to scam Southeast Asian gambling companies.
One long-awaited security move caused a ripple effect in the cybercrime ecosystem.
Black Hat Asia's NOC team gives a look inside what's really happening on the cyberfront during these events.
Regulators should apply a healthy skepticism to generative AI developments to guarantee a competitive marketplace.
As a way to enhance the security of MFA, Microsoft will require users to authorize login attempts by entering a numeric code into the Microsoft Authenticator app.
The deal will enhance the capabilities of both companies and provide customers with a more comprehensive way to protect their digital assets.
The Technology Innovation Institute’s year-long cryptographic challenges invite participants to assess the concrete hardness of McEliece public-key encryption scheme.
Retired hardware and forgotten cloud virtual machines are a trove of insecure confidential data. Here's how to ameliorate that weakness.
The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.
CERT-UA has issued a cautionary statement regarding an ongoing phishing operation that employs invoice-related tactics to spread the SmokeLoader malware. The attached ZIP archive is a polyglot file, meaning it is a single file that can be interpreted as multiple file formats.
By the end of March 2023, Sucuri researchers started noticing a new wave of SocGholish injections that used the intermediary xjquery[.]com domain. It appeared to be another evolution of the same malware.
Founded in 2020 and hosted by the Linux Foundation, OpenSSF is a cross-industry organization focused on improving the security of the open-source software supply chain through collaboration between tech companies.
Industrial and IoT cybersecurity firm Claroty on Thursday disclosed the details of five vulnerabilities that can be chained in an exploit potentially allowing threat actors to hack certain Netgear routers.
ESET tracked a series of attacks, dubbed Operation ChattyGoblin, against Southeast Asian gambling companies. The operation has been ongoing since October 2021 and leverages chat apps. The campaign is believed to be used to target organizations in the industrial, technology, healthcare, insurance, manufacturing, and telecom sectors in Europe and North America.
Recently, researchers have observed malicious advertisement campaigns in Google’s search engine with themes that are related to AI tools. For example, malicious ads are served when a user searches for the keyword "midjourney" in Google.
The vulnerability, tracked as CVE-2023-27532, exposes encrypted credentials stored in Veeam Backup & Replication. It could lead to unauthorized access to backup infrastructure hosts, says the HHS' HC3 in an alert.
In 76% of the ransomware attacks targeting surveyed organizations, the adversaries successfully encrypted the data. Those who paid a ransom for a decryption key ended up doubling their recovery costs. The highest payment rate was observed among organizations with revenue over $5 billion.
Senators are pushing to improve the cybersecurity of the national 988 Suicide & Crisis Lifeline and election infrastructure, after passing a bill to upgrade the resiliency of the aviation sector’s notification system for flight hazards.
A cyberattack campaign was observed against foreign government institutions in Kazakhstan and Afghanistan using decoy documents that impersonate real diplomats. Attackers used a new malware family dubbed DownEx by Bitdefender Labs. It can move laterally to traverse local and network drives to extract a wide range of show more ...
In recent GULoader campaigns, researchers witnessed a rise in NSIS-based installers delivered via email as malspam that use plugin libraries to execute the GU shellcode on the victim system.
The tech giant's latest initiatives are aimed at protecting its users from cyber threats, including phishing attacks and malicious websites, while providing more control and transparency over their personal data.
By incorporating the encryption within a static library, the malware developers achieve better stealth and obfuscation, as the reliance on external libraries like one featuring the RC4 cipher algorithm is removed.
The company believes the threat actors have stolen customer account information, including names, email addresses, account passwords, phone numbers (where available), and school district names.
The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) said in a joint cybersecurity advisory issued Thursday.
The exploitation of a critical vulnerability in the Essential Addons for Elementor WordPress plugin began immediately after a patch was released, WordPress security firm Defiant warns.
On May 10, the firm filed a notice of data breach with the Maine Attorney General after learning that an unauthorized party had gained access to the company’s IT network and accessed sensitive information belonging to current and former employees.
Rockwell Automation published six new security advisories this week and four of them have also been distributed by the US Cybersecurity and Infrastructure Security Agency (CISA). The advisories describe a total of more than a dozen vulnerabilities.
Tennessee’s Chattanooga State Community College has been responding to a cyberattack since Saturday, forcing the school to cancel classes on Monday and modify schedules for staff members. The school serves more than 11,000 students.
A group of cybercriminals based in Israel has launched more than 350 business email compromise (BEC) campaigns over the past two years, targeting large multinational companies from around the world.
The malware turns the devices into proxies which are used to steal and sell SMS messages, take over social media and online messaging accounts, and used as monetization opportunities via adverts and click fraud.
BleepingComputer has learned from multiple employees that the ransomware attack has affected its Active Directory, affecting hundreds of devices. Consequently, ABB terminated VPN connections with its customers to prevent the spread of the ransomware.
Ubuntu Security Notice 6073-3 - Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.
Ubuntu Security Notice 6073-1 - Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.
Ubuntu Security Notice 6073-4 - Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.
Ubuntu Security Notice 6073-2 - Jan Wasilewski and Gorka Eguileor discovered that Glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.
Debian Linux Security Advisory 5401-1 - Two security issues were found in PostgreSQL, which may result in privilege escalation or incorrect policy enforcement.
Advantech EKI-1524-CE series, EKI-1522 series, and EKI-1521 series suffer from command injection and buffer overflow vulnerabilities.
Millhouse-Project version 1.414 suffers from a cross site scripting vulnerability.
Millhouse-Project version 1.414 suffers from a remote shell upload vulnerability.
A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites. The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million active
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) said in a
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. "BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with this latest iteration," security researchers Shaul Vilkomir-Preisman and Eliran Nissan said. BPFDoor (
In today's interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly vital. However, collaboration can pose a security risk if not managed properly. To ensure that collaboration remains secure, organisations need to take steps to protect their data. Since collaborating is essential for
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. "Successful exploits could allow attackers to monitor users' internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic," Claroty security researcher Uri Katz said in a
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. "The attack campaign has been leveraging rather
Cybercriminals have developed a new malware threat which can steal highly sensitive data from the Mac computers it infects.
es, you should be worried about the threat posed by external hackers. But also consider the internal threat posed by insiders and rogue employees - the people you have entrusted to act responsibly with the data of your company and your customers. Read more in my article on the Hot for Security blog.
