Month: March 2024
The US Cybersecurity & Infrastructure Security Agency (CISA) released 15 advisories covering serious vulnerabilities in industrial control products from Siemens, Mitsubishi Electric, Delta Electronics, and Softing Industrial Automation. Some of the flaws are rated with high and critical severity and can result in remote code execution. Eleven of the 15 advisories cover vulnerabilities in Siemens…
Read More
The United States Federal Trade Commission (FTC) has warned the public to be cautious if contacted by people claiming to be… FTC staff. In a warning published on its website, the FTC said that scammers were using its employees’ real names to steal money from consumers. A typical ruse will see the bogus FTC staffer…
Read More
Mar 20, 2024NewsroomDoS Attack / Network Security A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs “servers of these protocols in such a way that they communicate with each…
Read More
Threats to the payment ecosystem in 2023 chiefly comprised of financial scams, with threat actors increasingly adopting AI technologies to stay at the top of their games, according to a VISA report. The top scams identified by the US-based payment card services operator included pig butchering, inheritance scams, humanitarian relief scams, and triangulation frauds. “The latest…
Read More
Are you using the same passwords in multiple places online? Well, stop. Stop right now. And make sure that you’ve told your friends and family to stop being reckless too. Because if you use the same login credentials in different places online, you’re behaving in a very risky way. If a cybercriminal breaches a system…
Read More
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 (CVSS score: 9.8) that enables an adversary to bypass authentication measures and gain administrative control over affected…
Read More
Mar 20, 2024The Hacker NewsArtificial intelligence / Webinar Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of Large Language Models (LLMs) and Generative AI. The potential of Generative AI is immense,…
Read MoreCheating Automatic Toll Booths by Obscuring License Plates The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can’t identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items…
Read More
Mar 20, 2024NewsroomCybercrime / Financial Security Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection. “BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to…
Read More
Privacy Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data 19 Mar 2024 • , 5 min. read In today’s digital economy there’s an app for just about everything. One area that’s booming more than most is…
Read More