Category: Kamban

Image: MidjourneyMicrosoft has released the September 2024 non-security preview update for Windows 10, version 22H2, with fixes for bugs causing Edge web browser freezes and media playback issues. Today’s optional cumulative update (KB5043131) is a maintenance release designed to allow Windows administrators to test fixes and improvements. This will ensure a more reliable user experience…

AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang. Although the firm says it has detected no fraud campaigns targeting impacted individuals, it is sending notifications to alert affected people of potential risks. In mid-August, the car dealership company disclosed that it had…

Image: MidjourneyArkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning. City officials have informed relevant authorities about the incident, and Homeland Security and FBI agents are investigating, as reported by local media. City…

The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year. The hackers stole the data after breaching the Wisconsin Physicians Service (WPS) health insurance corporation, which provided Medicare…

Infostealer malware developers released updates claiming to bypass Google Chrome’s recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. App-Bound Encryption was introduced in Chrome 127 and is designed to encrypt cookies and stored passwords using a Windows service that runs with system privileges. This model does not allow infostealer malware, which runs with the…

In an email campaign targeting French users, researchers discovered malicious code believed to have been created with the help of generative artificial intelligence services to deliver the AsyncRAT malware. While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards…

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. Tracked as CVE-2024-7593, this auth bypass flaw is caused by an incorrect implementation of an authentication algorithm that lets remote unauthenticated attackers circumvent authentication on Internet-exposed…

This article was written in collaboration with Varonis’ Nathan Coppinger and Mike Smith, Distinguished Security Architect at Salesforce. It covers how Salesforce Einstein Copilot’s security model works and the risks you must mitigate to ensure a safe and secure rollout. Salesforce is officially rolling out Einstein Copilot to eagerly-awaiting customers. This new conversational AI assistant will revolutionize how sales,…

A new version of the Octo Android malware, named “Octo2,” has been seen spreading across Europe under the guise of NordVPN, Google Chrome, and an app called Europe Enterprise. The new variant, analyzed by ThreatFabric, features better operational stability, more advanced anti-analysis and anti-detection mechanisms, and a domain generation algorithm (DGA) system for resilient command and…

Money transfer giant MoneyGram has confirmed it suffered a cyberattack after dealing with system outages and customer complaints about lack of service since Friday. While many suspected the company was hit by a cyberattack, it wasn’t until Monday morning that MoneyGram confirmed that a cybersecurity incident caused the systems outage. “MoneyGram recently identified a cybersecurity…