Category: AI in news
Feb 20, 2024NewsroomHacking / Cyber Espionage The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany’s Federal Office for the Protection of the Constitution (BfV) and South Korea’s National Intelligence Service (NIS), the agencies said the goal…
Read More
Feb 20, 2024NewsroomWebsite Security / PHP Code A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks…
Read More
Some of the first phishing took place in the early 1990s when hackers used fake screen names to pose as AOL administrators and steal sensitive information via AOL Instant Messenger. Phishing really blew up in 2000, when an email with the subject line “ILOVEYOU” duped millions of people into clicking on an attachment loaded with…
Read More
Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phishing campaigns designed to steal intelligence, and information operations to turn public opinion against Israel. Iran accounted…
Read More
Feb 20, 2024NewsroomDark Web / Cybercrime An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the…
Read MoreEU Court of Human Rights Rejects Encryption Backdoors The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights: Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was “necessary” to combat terrorism in a democratic society. To…
Read More
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.…
Read More
Vulnerable webmail servers seem to be a part of the general modus operandi the Russian hackers use for espionage campaigns. Previously in June 2023, another Russian state-sponsored cyber espionage group BlueDelta (aka FancyBear, APT28) was targeting vulnerable Roundcube installations across Ukraine and had also exploited CVE202323397, a critical zero-day vulnerability in Microsoft Outlook in 2022,…
Read More
Feb 19, 2024NewsroomMalware / Mobile Security The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. “Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play’s enhanced detection and protection mechanisms,” ThreatFabric said…
Read More
Microsoft recently released a security news update that addresses chilling reports that attackers have been able to pivot from a test tenant to the C suite to obtain access to emails being sent and received. In addition, it came to light that HPE’s corporate mailboxes had been accessed using a similar exploit. Both appear to…
Read More