Category: AI in news
Ukraine claims to have successfully hacked Russian military servers and gained access to highly sensitive information. According to an official statement from the Defence Intelligence of Ukraine, the hack has allowed Ukraine to gain possession of “the information security and encryption software” used by Russia’s Ministry of Defence (Minoborony), as well as secret documents, reports,…
Read More
Mar 06, 2024NewsroomCyber Crime / Ransomware The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. “ALPHV/BlackCat did not get seized. They are exit scamming their affiliates,” security researcher Fabian Wosar said. “It is blatantly obvious when you…
Read More
Operational technology (OT) organizations face increasing challenges when it comes to cybersecurity. Manufacturing in particular has become a bigger target for bad actors; in fact, it was one of the sectors most impacted by extortion attacks, according to Palo Alto Networks’ 2023 Unit 42 Extortion and Ransomware Report. As Industry 4.0 continues to roll out,…
Read More
Apple is advising immediate patching against two critical zero-day vulnerabilities attackers are using to carry out memory corruption attacks on Apple devices. Tracked as CVE-2024-23225 and CVE-2024-23296, the vulnerabilities allow attackers with arbitrary kernel read and write capabilities to bypass kernel memory protections on iOS kernel and RTKit (Apple’s real-time operating system), respectively. “Apple is aware…
Read More
Chinese mini PC manufacturer ACEMAGIC (do I really have to write that in capitals? I hate it when companies name themselves like that…) has made life a bit more interesting for its customers, by admitting that it has also been throwing in free malware with its products. Yup, the PC maker has ‘fessed up to…
Read MoreSurveillance through Push Notifications The Washington Post is reporting on the FBI’s increasing use of push notification data—”push tokens”—to identify people. The police can request this data from companies like Apple and Google without a warrant. The investigative technique goes back years. Court orders that were issued in 2019 to Apple and Google demanded that…
Read More
Mar 06, 2024The Hacker NewsData Security / Cloud Security Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn’t anyone’s fault; it’s inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally. For Security & Risk Management teams,…
Read More
Mar 06, 2024NewsroomSoftware Security / Vulnerability VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB controller. They carry a CVSS score of 9.3…
Read More
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News. “GhostLocker and Stormous ransomware…
Read More
Ensuring the enterprise is protected from vulnerabilities is a required function of security teams. It’s also a best practice for cyber insurance vendors and meeting compliance requirements. A popular evaluation test, the tabletop exercise, permits security teams and corporate management to select a threat and then run through the process of containing and remediating the…
Read More