Hashtag Trending Feb.26-Cybersecurity firm selling your data? AT&T outage; Microsoft’s updates may no longer force you to reboot your computer
A cybersecurity firm selling your data? AT&T says a flawed network update...
Microsoft catches the Wi-Fi 7 wave with Windows 11
In with the new, but old Insider bugs remain. More than a month after the Wi-Fi Alliance introduced certification for Wi-Fi 7 devices, Microsoft has added support for the...
Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
A dormant package available on the Python Package Index (PyPI) repository was updated after nearly two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according...
‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery
ConnectWise ScreenConnect vulnerability tracked as CVE-2024-1709 and SlashAndGrab exploited to deliver ransomware and other malware. The post ‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery appeared first on SecurityWeek.
FBI warns Chinese hackers’ malware prepositioning efforts at a ‘fever pitch’
Federal Bureau of Investigation Director Christopher Wray put the spotlight on the threat posed by Chinese state-backed hackers during a security summit held over the weekend. Speaking at the Munich Security Conference on Sunday, Wray said that such hacking groups’...
Microsoft releases its internal generative AI red teaming tool to the public
PyRIT can generate thousands of malicious prompts to test a gen AI model, and even score its response.
Russian Government Software Backdoored to Deploy Konni RAT Malware
An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked...
Ask HN: Cleanest way to manage Windows OS?
So, I'm going to enroll in a university and they specify that I need to use Windows in class because there is some software that only works on Windows. My initial plan was to...
Google promises to fix Gemini’s image generation following complaints that it’s ‘woke’
Google's Gemini chatbot, which was formerly called Bard, has the capability to whip up AI-generated illustrations based on a user's text description. You can ask it to create pictures of happy couples, for instance, or people in period clothing walking modern streets....
Facebook Marketplace – 77,267 breached accounts
In February 2024, 200k Facebook Marketplace records allegedly obtained from a Meta contractor in October 2023 were posted to a popular hacking forum. The data contained 77k unique email addresses alongside names, phone numbers, Facebook profile IDs and geographic...
New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted...
LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware
Operation Cronos's 'partners' continue to trickle the criminal empire's secrets. The latest revelation from law enforcement authorities in relation to this week's LockBit leaks is that the ransomware group had registered nearly 200 "affiliates" over the past two...
Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach
Security teams need to combine the angles of client-side and server-side detection in order to have the best chance of mitigating the risk of advanced mobile malware.
Redis Servers Targeted With New ‘Migo’ Malware
Attackers weaken Redis instances to deploy the new Migo malware and install a rootkit and cryptominers. The post Redis Servers Targeted With New ‘Migo’ Malware appeared first on SecurityWeek.
Hashtag Trending Feb.21- LockBit website goes down; Microsoft takes on Nvidia; Online backlash against OpenAI
An international effort has brought down the notorious LockBit ransomware gang, Microsoft has developed its own...
New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the...
Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers
Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day.
Members of ransomware gang Lockbit arrested by law enforcement
International law enforcement, led by the UK’s National Crime Agency, disrupted ransomware gang Lockbit's operation. The group behind notable hacks against aircraft manufacturer Boeing, chip giant Taiwan Semiconductor Manufacturing Company, sandwich chain Subway and...
Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin
Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. The post Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin appeared first on SecurityWeek.
Menlo Secure Cloud Browser Enables a Safer Enterprise Workspace
Instead of trying to force users to embrace a new browser -- and thus expand the enterprise attack surface -- Menlo's add-on tools protect data and users with end-to-end visibility and dynamic policy enforcement directly inside browser sessions to block zero-hour...
Installing SteamOS and Windows on a Google Meet Video Conference Computer
The Lenovo Meet is a collaboration with Google to bring Google Meet to customers in a ready to install kit for conference rooms and similar. Also...
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat...
FBI’s Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss...
Google open sources file-identifying Magika AI for malware hunters and others
Cool, but it's 2024 – needs more hype, hand wringing, and flashy staged demos to be proper ML. Google has open sourced Magika, an in-house machine-learning-powered file identifier, as part of its AI Cyber Defense Initiative, which aims to give IT network defenders and...
Zeus, IcedID malware kingpin faces 40 years in slammer
Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts. A Ukrainian cybercrime kingpin who ran some of the most pervasive malware operations faces 40 years in prison after spending nearly a decade on the FBI's Cyber Most Wanted...
CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following...
CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks
CISA has added CVE-2020-3259, an old Cisco ASA vulnerability exploited by ransomware, to its KEV catalog. The post CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks appeared first on SecurityWeek.
Ukrainian Pleads Guilty in US to Key Role in Zeus, IcedID Malware Operations
Ukrainian national Vyacheslav Igorevich Penchukov has pleaded guilty to holding key roles in the Zeus and IcedID malware operations. The post Ukrainian Pleads Guilty in US to Key Role in Zeus, IcedID Malware Operations appeared first on SecurityWeek.
Spyware startup Variston is losing staff, some say it’s closing
In July 2021, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Windows Defender. That code was part...