Month: August 2024
Image: Midjourney The American Radio Relay League (ARRL) confirmed it paid a $1 million ransom to obtain a decryptor to restore systems encrypted in a May ransomware attack. After discovering the incident, the National Association for Amateur Radio took impacted systems offline to contain the breach. One month later, it said its network was hacked…
Read More
Google recruited Noam Shazeer in a funding and licensing deal. Google has named Noam Shazeer, the Character.AI CEO and co-founder recruited in a funding deal with the startup, as a technical lead on its Gemini artificial intelligence project, according to multiple media reports. The Mountain View, Calif.-based cloud and AI vendor will have Shazeer work…
Read More
Microsoft has provided a workaround to temporarily fix a known issue that is blocking Linux from booting on dual-boot systems with Secure Boot enabled. The company says this temporary fix can help Linux users revive unbootable systems displaying “Something has gone seriously wrong: SBAT self-check failed: Security Policy Violation” errors after installing the August 2024…
Read More
Microsoft has released a new Windows 10 22H2 beta (KB5041582) with memory leak and crash fixes for Insiders in the Beta and Release Preview channels. The company says the KB5041582 update fixes an issue causing some apps to stop because of a memory leak in a Bluetooth device and an Input Method Editor (IME) memory…
Read More
A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can weaponize any Microsoft .NET application on Windows. The technique has been around since 2017, and multiple proof-of-concept apps have been released over the years. However, it is typically used in red team engagements and seldomly observed in…
Read More
Aug 23, 2024Ravie LakshmananMalware / Threat Intelligence Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. “This memory-only dropper decrypts and executes a PowerShell-based downloader,” Google-owned Mandiant said. “This PowerShell-based downloader is being tracked as…
Read More
The planned Sept. 10 event at Microsoft’s Redmond headquarters comes after the massive, unprecedented Windows outage in July caused by a faulty CrowdStrike update. Microsoft said Friday it has scheduled a Windows security event for September that will feature CrowdStrike, following the massive Windows outage in July caused by a faulty update from the cybersecurity…
Read More
Image: MidjourneyHalliburton, one of the world’s largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week. “On August 21, 2024, Halliburton Company (the “Company”) became aware that an unauthorized third party gained access to certain of its systems,” the oil…
Read More
Introduction Welcome to the July 2024 installment of the Sensor Intelligence Series, our monthly summary of vulnerability intelligence based on distributed passive sensor data. Last month we observed a massive increase in scanning for CVE-2017-9841 as well as continued increases in scanning for CVE-2023-1389 and scanning for a newly discovered PHP vulnerability – CVE-2024-4577. This…
Read More
A developer that researchers now track as Greasy Opal, operating as a seemingly legitimate business, has been fueling the cybercrime-as-a-service industry with a tool that bypasses account security solutions and allows bot-led CAPTCHA solving at scale. Greasy Opal has been active for more nearly two decades and tailors its tools based on customers’ targeting needs.…
Read More