๐ต๏ธโโ๏ธ Google Discovers Fourth Zero-Day in Less Than a Month ๐ต๏ธโโ๏ธ
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Dark Reading
Google Discovers Fourth Zero-Day in Less Than a Month
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
๐ฆ
The Rust Revolution: New Embargo Ransomware Steps In ๐ฆ
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
Key Takeaways Cyble Research Intelligence Labs CRIL identified a sample of Embargo ransomware, developed in Rust. The Threat Actors behind this ransomware are using double extortion tactics. We observed an instance where the ransomware group Initially demanded a 1 million ransom payment, threatening data leak and notifications to various parties upon nonpayment. The leak site User Interfaces of Embargo and ALPHV ransomware resemble each other. Additionally, the leak site of ALPHV ransomware was taken down by law enforcement in March 2024. The log generation structure of both the ransomware looks similar. Embargo, to date, has disclosed details of four victims globally. This ransomware Utilizes ChaCha20 and Curve25519 for file encryption and appends ".564ba1" ...๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
Cyble
The Rust Revolution: New Embargo Ransomware Steps In - Cyble
Cyble analyzes the Rust-based Embargo ransomware, investigating its operations and possible variants.
๐ Faraday 5.3.0 ๐
๐ Read more.
๐ Via "Packet Storm - Tools"
----------
๐๏ธ Seen on @cibsecurity
Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.๐ Read more.
๐ Via "Packet Storm - Tools"
----------
๐๏ธ Seen on @cibsecurity
Packetstormsecurity
Faraday 5.3.0 โ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
๐๏ธ Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
The MITRE Corporation has revealed that the cyber attack targeting the notforprofit company towards late December 2023 by exploiting zeroday flaws in Ivanti Connect Secure ICS involved the actor creating rogue virtual machines VMs within its VMware environment. "The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access," MITRE.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates ๐ต๏ธโโ๏ธ
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Darkreading
Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates
Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.
๐ต๏ธโโ๏ธ AI Voice Generator App Used to Drop Gipy Malware ๐ต๏ธโโ๏ธ
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Dark Reading
AI Voice Generator App Used to Drop Gipy Malware
Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.
๐งจ Deepfake Drama: How Gwyneth Paltrow Became the Latest Target in AI Deception ๐งจ
๐ Read more.
๐ Via "McAfee"
----------
๐๏ธ Seen on @cibsecurity
As technology advances, so do the methods used by cybercriminals to spread misinformation and scams. One of the most concerning... The post Deepfake Drama How Gwyneth Paltrow Became the Latest Target in AI Deception appeared first on McAfee Blog.๐ Read more.
๐ Via "McAfee"
----------
๐๏ธ Seen on @cibsecurity
McAfee Blog
Deepfake Drama: How Gwyneth Paltrow Became the Latest Target in AI Deception | McAfee Blog
As technology advances, so do the methods used by cybercriminals to spread misinformation and scams. One of the most concerning developments in recent
๐ Mandatory reporting for ransomware attacks? โ Week in security with Tony Anscombe ๐
๐ Read more.
๐ Via "ESET - WeLiveSecurity"
----------
๐๏ธ Seen on @cibsecurity
As the UK mulls new rules for ransomware disclosure, what would be the wider implications of such a move, how would cyberinsurance come into play, and how might cybercriminals respond?.๐ Read more.
๐ Via "ESET - WeLiveSecurity"
----------
๐๏ธ Seen on @cibsecurity
Welivesecurity
Mandatory reporting for ransomware attacks? โ Week in security with Tony Anscombe
As the UK mulls mandatory reporting for ransomware attacks, what would be the wider implications of such a move, how would cyber-insurance come into play, and how might cybercriminals respond?
๐2
๐๏ธ Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence AIasaservice provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed unauthorized access to the AI prompts and results of all Replicate's platform customers,".๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ 6 Facts About How Interpol Fights Cybercrime ๐ต๏ธโโ๏ธ
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
So you think you know Interpol? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
Dark Reading
6 Facts About How INTERPOL Fights Cybercrime
So you think you know INTERPOL? Here are some key details of how this international law enforcement entity disrupts cybercrime worldwide.
๐๏ธ Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
The Pakistannexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using crossplatform malware written in Python, Golang, and Rust. "This cluster of activity spanned from late 2023 to April 2024 and is anticipated to persist," the BlackBerry Research and Intelligence Team said in a technical report.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Learn how to Protect your Business with this $30 Cybersecurity Training ๐ฆฟ
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
This extensive bundle includes eight courses from leading instructors covering certification exams from CompTIA and Cisco to set you up for success.๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
TechRepublic
Learn how to Protect your Business with this $30 Cybersecurity Training
This extensive bundle includes eight courses from leading instructors covering certification exams from CompTIA and Cisco to set you up for success.
๐๏ธ New Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAI ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
Cybersecurity researchers are alerting of phishing campaigns that abuse Cloudflare Workers to serve phishing sites that are used to harvest users' credentials associated with Microsoft, Gmail, Yahoo!, and cPanel Webmail. The attack method, called transparent phishing or adversaryinthemiddle AitM phishing, "uses Cloudflare Workers to act as a reverse proxy server for a.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐1
๐๏ธ Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
Microsoft is calling attention to a Moroccobased cybercrime group dubbed Storm0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the company said in its latest Cyber Signals report. "We've seen some examples where.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Report: The Dark Side of Phishing Protection ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
The transition to the cloud, poor password hygiene and the evolution in webpage technologies have all enabled the rise in phishing attacks. But despite sincere efforts by security stakeholders to mitigate them through email protection, firewall rules and employee education phishing attacks are still a very risky attack vector. A new report by LayerX explores the state of.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ SentinelOne vs Palo Alto: Compare EDR software ๐ฆฟ
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
Compare the key features of two EDR tools SentinelOne's Singularity XDR and Palo Alto's Cortex XDR.๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
TechRepublic
SentinelOne vs Palo Alto: Compare EDR software
Compare the key features of two EDR tools, SentinelOne's Singularity XDR and Palo Alto's Cortex XDR, to choose the right solution for you.
๐ฆฟ Get 9 Courses on Ethical Hacking for Just $50 ๐ฆฟ
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
Kickstart a lucrative career in pentesting and ethical hacking with this ninecourse bundle from IDUNOVA, now on sale for just 49.99 for a limited time.๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
TechRepublic
Get 9 Courses on Ethical Hacking for Just $50
Kickstart a lucrative career in pentesting and ethical hacking with this nine-course bundle from IDUNOVA, now on sale for just $49.99 for a limited time.
๐ข WithSecure Sphere 2024 live: All the news and updates as they happen ๐ข
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
ITPro is live on the ground in Helsinki for WithSecure SPHERE 2024 follow all the news, updates, and announcements as they happen.๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
IT Pro
WithSecure Sphere 2024 live: All the news and announcements from day-two
Stay up to date with the latest updates and announcements from the day-two keynote at WithSecure SPHERE24, live from Helsinki.
๐2
๐๏ธ WordPress Plugin Exploited to Steal Credit Card Data from E-commerce Sites ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
Unknown threat actors are abusing lesserknown code snippet plugins for WordPress to insert malicious PHP code in victim sites that are capable of harvesting credit card data. The campaign, observed by Sucuri on May 11, 2024, entails the abuse of a WordPress plugin called Dessky Snippets, which allows users to add custom PHP code. It has over 200 active installations.๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ TP-Link Gaming Router Vulnerability Exposes Users to Remote Code Attacks ๐๏ธ
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
A maximumseverity security flaw has been disclosed in the TPLink Archer C5400X gaming router that could lead to remote code execution on susceptible devices by sending specially crafted requests. The vulnerability, tracked as CVE20245035, carries a CVSS score of 10.0. It impacts all versions of the router firmware including and prior to 11.1.6. It has .๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ #Infosec2024: Why Human Risk Management is Cybersecurity's Next Step for Awareness ๐
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
With most cyberattacks still involving a nonmalicious human element, it is clear that awareness training alone is insufficient, this is where human risk management comes into play.๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
Infosecurity Magazine
#Infosec2024: Why Human Risk Management is Cybersecurity's Next Step for Awareness
With most cyber-attacks still involving a non-malicious human element, it is clear that awareness training alone is insufficient, this is where human risk management comes into play