Source: www.cybertalk.org – Author: slandau EXECUTIVE SUMMARY: Although generative AI chatbots and Large Language Models (LLMs) can be a double-edged sword when it comes to corporate...
Day: June 3, 2023
Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Enzo Biochem, a biotechnology company renowned for producing and distributing DNA-based tests designed to identify viral and bacterial diseases, has recently...
US and Korean Agencies Issue Warning on North Korean Cyber-Attacks – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 US and South Korean security agencies have issued a joint warning regarding North Korea’s use of social engineering tactics in cyber-attacks....
Malicious PyPI Packages Use Compiled Python Code to Bypass Detection – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Security researchers at ReversingLabs have discovered a novel attack that used compiled Python code to evade detection. According to ReversingLabs reverse...
Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab – Source: www.csoonline.com
Source: www.csoonline.com – Author: The Operation Triangulation surveillance campaign infects Apple iPhones without the need for user action and is difficult to detect. The Russian federal...
Attackers use Python compiled bytecode to evade detection – Source: www.csoonline.com
Source: www.csoonline.com – Author: Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don’t read compiled open-source software. Attackers who are targeting...
MOVEit Transfer vulnerability appears to be exploited widely – Source: www.csoonline.com
Source: www.csoonline.com – Author: A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to...
PyPI’s 2FA Requirements Don’t Go Far Enough, Researchers Say – Source: www.darkreading.com
Source: www.darkreading.com – Author: Tara Seals, Managing Editor, News, Dark Reading The official open source code repository for the Python programming language, the Python Package Index...
‘PostalFurious’ SMS Attacks Target UAE Citizens for Data Theft – Source: www.darkreading.com
Source: www.darkreading.com – Author: Dan Raywood, Senior Editor, Dark Reading Residents of the United Arab Emirates have been targeted by SMS campaigns that aim to steal payment and...
‘Picture-in-Picture’ Obfuscation Spoofs Delta, Kohl’s for Credential Harvesting – Source: www.darkreading.com
Source: www.darkreading.com – Author: Nathan Eddy, Contributing Writer, Dark Reading Hackers are turning to obfuscation tactics relying on glossy advertising photos from Delta Airlines and retailer...
Streamers Ditch Netflix for Dark Web After Password Sharing Ban – Source: www.darkreading.com
Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer, Dark Reading From the outside, Netflix’s ban on password sharing may seem like a net positive for cybersecurity,...
Want Sustainable Security? Find Middle Ground Between Tech & Education – Source: www.darkreading.com
Source: www.darkreading.com – Author: Johanna Baum, CEO & Founder, Strategic Security Solutions (S3) End users get a bad rap with security — for good reason. As...
Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort – Source: www.darkreading.com
Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer, Dark Reading For at least the past four years, an advanced persistent threat (APT) actor has been covertly...
Biometric Bypass: BrutePrint Makes Short Work of Fingerprint Security – Source: www.darkreading.com
Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer, Dark Reading Weaknesses in the biometric security architecture of Android phones could allow attackers to brute-force an encoded...
OpenAI Unveils Million-Dollar Cybersecurity Grant Program – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Artificial intelligence technology startup OpenAI has launched a $1 million cybersecurity grant program aimed at boosting defender-focused research and capabilities...
Galvanick Banks $10 Million for Industrial XDR Technology – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Galvanick, an early-stage startup working on an Extended Detection & Response (XDR) platform for industrial infrastructure, has scored $10 million...
Information of 2.5M People Stolen in Ransomware Attack at Massachusetts Health Insurer – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Point32Health, the second-largest health insurer in Massachusetts, is in the process of informing more than 2.5 million individuals that their...
US, South Korea Detail North Korea’s Social Engineering Techniques – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The United States and South Korea on Thursday warned of North Korean social engineering attacks targeting the employees of think...
High-Severity Vulnerabilities Patched in Splunk Enterprise – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Splunk on Thursday announced Splunk Enterprise security updates that resolve multiple high-severity vulnerabilities, including some impacting third-party packages used by...
Idaho Hospitals Working to Resume Full Operations After Cyberattack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Associated Press Two eastern Idaho hospitals and their clinics are working to resume full operations after a cyberattack on their computer systems....
Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Biotechnology company Enzo Biochem has revealed that the clinical test information of roughly 2.47 million individuals was exposed in a...
Apple Denies Helping US Government Hack Russian iPhones – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Apple has denied working with any government to add backdoors to its products after Russia accused the company of helping...
Zero-Day in MOVEit File Transfer Software Exploited to Steal Data From Organizations – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs A zero-day vulnerability affecting Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data. Progress...
Google Temporarily Offering $180,000 for Full Chain Chrome Exploit – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google today announced significantly higher bug bounty rewards for vulnerability reports containing full chain exploits leading to a sandbox escape...
Microsoft is killing Cortana on Windows starting late 2023 – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan After introducing a string of AI-powered assistants for its products, Microsoft has now announced that it will soon end support...
The Week in Ransomware – June 2nd 2023 – Whodunit? – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks....
Windows 11 to require SMB signing to prevent NTLM relay attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay...
NSA and FBI: Kimsuky hackers pose as journalists to steal intel – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think...
Burton Snowboards discloses data breach after February attack – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was “potentially”...
Malicious Chrome extensions with 75M installs removed from Web Store – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or...