Leading U.S. bank confirms cyber attack
June 17th – One of the top 10 largest commercial banks in the United States, Truist Bank, has confirmed that its systems were breached in a cyber attack. The incident is concerning in that an unauthorized party gained access to sensitive data and has since attempted to sell it on the dark web.It's all in the details...The...
Hackers target rare earth miners
June 14 – A prominent player in Australia's rare earths mining sector, IIuka Resources Limited (ASX: ILU), recently thwarted a cyber attack. While hackers were unable to bypass the firm's cyber security mechanisms, the attackers planned to deface the company's website.Attackers may have also intended to access internal systems. However, systems remain fully in-tact and no loss...
Malware campaign targeting job seekers
June 12 – Dubbed WarmCookie, this threat provides cyber attackers with initial access into targeted systems. Once in systems, attackers frequently launch ransomware attacks.How the campaign worksCyber attackers begin by sending victims phishing emails. These emails contain information about new job opportunities and attempt to convince interested parties to click on links to see role descriptions.As you’ve...
Tech giants tackle hospital cyber crisis
June 10th — Earlier today, Microsoft and Google announced the launch of low cost and no cost cyber security services for vulnerable, rural American hospitals.Eligible rural hospitals will receive free security updates, cyber security assessments and cyber security awareness training for hospital staff, as provided by Microsoft.Google is has committed to starting a pilot program that matches...
Snowflake’s infostealing malware incident
June 7th — Since Australian authorities sounded the alarm last week, cloud storage and data analysis company Snowflake has been at the center of a data theft debacle. Evidently, cyber criminals successfully compromised several businesses that depend on Snowflake environments.Via the cyber breaches, criminals allegedly obtained records belonging to major organizations; from big banks, to pharmaceutical conglomerates,...
Cyber attack hits major London hospitals
June 5th – On Monday, hospitals in London declared a major IT incident, which proved to be a ransomware attack.In the immediate aftermath, memos were sent to the staff at King’s College hospital, Guy’s and St Thomas’ (including the Royal Brompton and Evelina London children’s hospital) and primary care service providers across London.The issue stemmed from a...
Poland’s $760M cyber security overhaul
June 3rd – Poland has announced that it will spend over 3 billion zlotys ($760 million) on cyber security, following an unprecedented nation-state cyber attack.Krzysztof Gawkowski, Deputy Prime Minister of Poland, says that “Today, Poland is on the frontline of the cyber fight…”European parliament elections are to be held in Poland on Sunday and authorities are concerned...
Authorities take down major malicious botnet
May 30th – International law enforcement has removed a major botnet network from the internet. It was linked to large-scale cyber attacks, along with bomb threats, export violations and child exploitation.Investigators believe that the botnet network has infected over 19 million IP addresses, including 613,841 IP addresses that are based in the U.S.The primary operator is believed...
May 28th – Earlier this month, OpenAI launched ChatGPT-4o, a more advanced version of the 4.0 model. This latest model can process audio, visuals and text in real-time. It’s available to all users for free, although the service does have some limitations.In relation to cyber security, experts advise cyber security professionals to temper expectations surrounding any profound...
Cloud incidents drive AI-powered prevention
May 17th -- In the past year, 61% of organizations have reported experiencing cloud security breaches, an increase of nearly 40% over the prior year's numbers, according to Check Point's 2024 Cloud Security Report.The report, based on responses from over 800 cloud and cyber security professionals, indicates that most organizations prioritize threat detection and monitoring over prevention,...
School studies suspended due to cyber attacks
May 15th -- Cyber attacks are affecting schools and causing widespread disruption. In recent months, they've led to cancelled lessons, limited learning, long lunchtime queues, and operational upsets, including the inability to complete homework online.According to recent data from the U.K's Information Commissioner's Office (ICO), there were 347 cyber incidents reported in the U.K's education sector in...
Sophisticated cyber criminal network exploits OTPs
May 13th – Since mid-2023, the Estate cyber crime group, operating out of the Netherlands, has orchestrated waves of ferocious cyber attacks that are executed via a combination of social engineering and one-time passcode (OTP) exploitation.When a person (victim) inputs the OTP, attackers engage in crippling theft that can leave an individual permanently deprived of the funds...
LLM cyber threats loom large
May 9th -- A recent study by a threat research team has revealed a new cyber attack type called "LLMjacking." This attack type targets cloud-hosted large language models (LLM) services through the use of stolen cloud credentials.In contrast with previous discussions of LLM-based AI system threats, which have largely focused on prompt abuse and data manipulation, this...
New U.S. global cyber strategy
May 6th -- The U.S. State Department has announced the development of a new global cyber security strategy. The objective is to foster international cooperation around the prevention of nation-state hacking, the safe development of artificial intelligence and other urgent cyber space-related concerns.Secretary of State Antony Blinken is due to present the plan at the RSA Conference...
U.S. gov’t releases AI threat prevention resources
May 1st -- In the U.S., the Department of Homeland Security (DHS) has released new resources that are intended to help address emerging threats posed by artificial intelligence.The resources include guidelines that focus on reducing AI risks to critical infrastructure. The guidelines aim to limit AI misuse during the development and production of chemical, biological, radiological and...
Voter registration system taken offline due to breach
April 29 -- In the U.S. state of Georgia, Coffee County experienced a cyber incident that prompted officials to temporarily sever computer access to statewide election systems.Earlier this month, the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) informed the County of unusual cyber activity on its IT infrastructure.What happenedClose inspection revealed...
Zero trust strategies gaining popularity
April 26 – An increasing number of businesses are turning to zero trust in order to enhance cyber security. This approach reflects a shift away from traditional perimeter-based security models and towards a more comprehensive and proactive security framework.With zero trust, organizations aim to verify and authenticate every user and device that attempts to access their network,...
Alarm over North Korea’s cyber attacks
April 24th -- According to authorities in Seoul, North Korean hackers have conducted sweeping cyber attacks against South Korean defense firms. The attacks have prompted warnings for the industry, which urge organizations to take additional cyber security measures.What happenedReports say that cyber adversaries infiltrated 83 different companies. Sensitive data from at least six different computers was siphoned...
NSA guidance on deploying AI systems securely
April 22 -- The U.S. National Security Agency, in collaboration with six government agencies from the U.S. and other Five Eyes countries, has released new guidance on the secure deployment of AI systems.Published on April 15th, the corresponding publication from the NSA's Artificial Intelligence Security Center (AISC), is a landmark document. The guidance is structured around three...
Akira ransomware: $42M from 250+ victims
April 19th -- A recent joint advisory from the FBI, CISA, Europol's European Cybercrime Center (EC3) and the Netherlands' National Cyber Security Centre (NCSC-NL) highlights the extensive impact of the Akira ransomware operation on organizations worldwide.Since its emergence in March of 2023, Akira has breached the networks of over 250 organizations, amassing approximately $42 million in ransom...
Paris Olympics braces for cyber attacks
April 17th -- Olympic organizers are bracing for a surge in cyber attacks during this year's Summer Games, due to take place in Paris. Officials expect millions of hacking attempts, some of which are liable to target critical systems.Cyber attacks could cause minor inconveniences (e.g., ticketing delays) or major reputational damage (e.g., empty stadiums). Nation-state backed attempts...
Telegram addresses zero-day vulnerability in Windows app
April 15th -- Telegram recently took swift action to account for a critical zero-day vulnerability that was discovered within its Windows desktop application. This vulnerability posed a significant threat, as it allowed for the automatic launch of Python scripts.It's all in the details...Initially, rumors circulated regarding a potential remote code execution (RCE) flaw within Telegram for Windows....
Russian hackers breach government emails
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that Russian government-backed hackers exploited vulnerabilities in Microsoft’s email system to steal sensitive correspondence between officials and the tech company. This alarming breach was highlighted in an emergency directive issued by CISA on April 2.According to the directive, the hackers utilized stolen authentication details shared via email...
iPhone users hit with mercenary spyware attacks
Apple has issued a warning to iPhone users across the world about an alarming cyber attack. This highly advanced attack, known as “mercenary spyware,” has affected users in at least 92 countries, including India. Unlike typical cyber criminal activity, these attacks don’t focus on average users seeking personal information. Instead, they specifically target high-profile individuals such as...
Sophisticated Phishing Campaign Targets Latin America
In a concerning development, cyber criminals have shifted their focus to the Latin American region, deploying a highly targeted phishing scheme. According to researcher Karla Agregado, this campaign employs a clever tactic: phishing emails containing ZIP file attachments. When recipients unzip these files, they discover an HTML file that appears innocuous but actually leads to a malicious...
Insider threat exposes open-source vulnerability
Last month, German software developer Andres Freund, who works for Microsoft, was conducting detailed performance tests when he noticed suspicious behavior in a little-known open-source program called XZ Utils.Freund's investigation revealed a disturbing discovery: the latest version of XZ Utils had been deliberately sabotaged by one of its developers, a move that could have created a secret...
Omni hotels experiences nationwide IT outage
April 3rd – Since Friday, the Omni Hotels and Resorts chain, which owns more than 50 different properties across the United States, Canada and Mexico, has been experiencing a widespread system outage.While the company’s website was initially rendered inaccessible by the outage, it has since been restored with a prominent alert warning visitors of “technical difficulties” due...
Hundreds rescued from cyber scam factories
April 1st – The Indian government has rescued 250 citizens who were entrapped and forced to engage in illegal cyber activities in Cambodia.Reports show that the individuals were offered seemingly legitimate job placements, but upon arriving in the country, were corralled, entrapped and used for forced labor.What’s happening Official documentation indicates that more than 5,000 Indians have...
Elon Musk’s new chatbot
March 29th – X, the social networking service owned by Elon Musk, has introduced a new conversational AI-based chatbot, known as Grok. In contrast with mild-mannered and neutral-tone chatbots like ChatGPT or Microsoft AI Copilot, Grok exhibits a more unconventional demeanor.Its responses are often delivered in a candid and informal style, occasionally employing extremely colloquial language. For...
Watchdog suspends controversial Worldcoin project
March 27th – The Portuguese data protection authority has ordered Worldcoin, a controversial project aiming to create a global digital identity system, to temporarily halt collection of biometric data from Portuguese citizens.The National Data Protection Commission (CNPD) announced the suspension on March 26th, citing concerns over Worldcoin’s unauthorized data gathering, including data collection from minors.About WorldcoinWorldcoin, founded...
GoFetch: Apple’s Cryptographic Keys at Risk
March 25th – A new security vulnerability called “GoFetch” has been discovered. It affects Apple’s M1, M2 and M3 processors. The vulnerability can be exploited to steal secret cryptographic keys stored in the CPU’s cache memory.The attack leverages a feature called data memory-dependent prefetchers (DMPs), which are present in modern Apple CPUs. DMPs are designed to improve...
CISA and FBI warn about DDoS attacks
March 22nd - The U.S Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC) have jointly released an advisory to provide government groups with guidance around defending against Distributed Denial of Service (DDoS) attacks.These attacks aim to disrupt ordinary web traffic by overwhelming target systems with massive...
Water sector cyber security threats
March 20th – In the U.S., the White House has issued an urgent warning to state leaders, highlighting the occurrence of “disabling” cyber attacks targeting water systems nationwide.In a joint letter, the White House and the Environmental Protection Agency (EPA) have invited state officials to a meeting scheduled for Thursday. The purpose of the gathering is to...
StopCrypt unleashes stealthy new variant that evades detection
March 18th -- One of the most prevalent ransomware groups of 2023, known as StopCrypt, has revealed its new ransomware variant, which leverages sophisticated evasion tactics.This StopCrypt development was brought to light last week. According to a new report, the ransomware family has become more common than LockBit. In contrast with other ransomware groups, StopCrypt typically targets...
Alabama under siege, DDoS disruption
March 15th – For cyber security professionals who are defending the state of Alabama’s networks, the last couple of weeks have translated to a trial-by-fire. The state has found itself in the crosshairs of a number of cyber attacks that have crippled systems and disrupted critical infrastructure operations for government agencies.The trouble began on March 6th, when...
French government hacked, shocking data breach
March 13th – In recent weeks, multiple French government departments have been targeted by sophisticated cyber attacks. These breaches have compromised sensitive data and systems, exposing vulnerabilities within the digital infrastructure of the French government.According to reports from French cyber security agencies, the attacks affected several ministries. Hackers were able to gain unauthorized access to internal networks...
HP’s firmware now prevents quantum hacks
March 11th – Quantum computers may bring transformative capabilities to organizations, especially those dealing with specific, complex computational challenges. But they also introduce a certain level of risk.Hewlett Packard has launched what it’s calling the world’s first business-grade PCs, which are designed to protect firmware from quantum-based cyber attacks.Preventing quantum hacksDevices will be upgraded with HP’s Endpoint...
CISA aims to prevent next Log4Shell by…
March 8th – CISA intends to bring agencies, industry, regulators and the open source community closer together for the purpose of better securing the open source ecosystem.The agency announced its commitment to this effort during a two-day summit on open source software (OSS) security, where director Jen Easterly emphasized the role of open source code in critical...
Cloud storage budgets EMEA, busted by fees
March 6th – In Europe, cloud storage costs have taken an outsized bite from budgets, with usage fees eating up a significant portion of allocated resources. More than 50% of EMEA-based firms spent more than intended on cloud storage in 2023.Nonetheless, according to new research, many EMEA organizations are looking to expand cloud storage portfolios. Due to...
North Korea breaks into South Korean chip firms
March 4th – As North Korea looks to upgrade its semiconductor programs for weapon development purposes, several North Korean hacking groups appear to have infiltrated at least two different South Korean chip manufacturing entities.The news follows an announcement by South Korean President Yoon Suk Yeol, which warned that North Korea may attempt to stage provocations – in...
Ransomware takedowns, they’re not working
February 29th – Last year, ahead of the Christmas holiday, the U.S. Federal Bureau of Investigation (F.B.I) ran an international operation intended to squelch the notorious hacking group known as BlackCat or ALPHV.The hacking group is known for operating on a Ransomware-as-a-Service (RaaS) model, and it has also been ranked as the second-most active organized ransomware group...
NCSC warns of new TTPs employed by APT 29
February 27th – A recent advisory from the U.K. National Cyber Security Centre (NCSC) and international partners highlights the recently developed tactics, techniques and procedures (TTPs) used by APT 29 (also known as Midnight Blizzard, the Dukes or Cozy Bear).The U.S. National Security Agency (NSA), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber National...
New tactics adopted by SolarWinds hackers
February 26th -- Western officials have warned that the cyber spies responsible for the 2019 SolarWinds breach are altering their methods and preparing to infiltrate organizations that have transitioned their networks to the cloud.In the past, cloud hosting has presented a challenge for hackers, as it has significantly diminished the attack surface, limiting hackers' capacity to exploit...
Wireless chargers inject voice commands, damage phones
February 22nd – The ‘VoltSchemer’ attacks involve injecting voice commands into a smartphone’s voice assistant using the magnetic field emitted by a standard wireless charger.VoltSchemer can cause physical damage to a phone and can generate intense heat, potentially resulting in temperatures in excess of 500F (260C), which may also affect nearby items.How it worksVoltSchemer is an attack...
‘Most Wanted’ pleads guilty to cyber attacks
February 20th – In a U.S. federal court, a man has plead guilty to taking a leadership role in two different cyber attacks that resulted in tens of millions of dollars in losses and that temporarily prevented a Vermont hospital from functioning correctly.Although the attacks occurred more than three years ago, the impact has been felt for...
Game-changing AI video tool by OpenAI
February 16th – The artificial intelligence company OpenAI has given the world a preview of a new AI tool that, if given a simple text prompt, can generate beautiful, high-quality 60-second videos. The new tool has been dubbed Sora.“We’re teaching AI to understand the physical world in motion, with the goal of training models that help people...
Biden audio deepfakes alarm experts
February 14th – Last month, deepfake robocalls that impersonated U.S. President Joe Biden raised alarm among government officials.In the state of New Hampshire, an AI version of Biden encouraged voters not to go to the polls in order to vote this year.Statement authThe emergence of these robocalls, combined with a general rise in deepfakes and AI-based content,...
U.S. offers $10M for Hive ransomware intel
February 12th – Hive ransomware operators have extorted more than $100 million from thousands of victim organizations. Affected sectors include healthcare, education, finance, and critical infrastructure.The group first emerged in 2021. In November of 2023, cyber security researchers discovered that a new ransomware group, known as Hunters International, had obtained the source code and infrastructure from Hive...
Raspberry Robin malware adopts new stealth tactics
February 9th – The malware family identified as Raspberry Robin is back, with new and innovative methods that facilitate higher levels of unauthorized privilege access than previously.According to Check Point Researchers, Raspberry Robin has introduced two new 1-day Local Privilege Escalation (LPE) exploits, indicating either access to a dedicated exploit developer or a high level of potential...
Mozilla scrubs leaked personal info, for a fee
February 7th — Mozilla has recently launched a new paid service that automatically monitors data and removes people's private info from the web. The service is known as Mozilla Monitor Plus, and is an extension of the Mozilla Monitor (formerly Firefox Monitor) service, which provides information around email address compromises.Mozilla Monitor Plus The new data service aims...
U.S. proposes cyber security agriculture bill
January 31 -- Two U.S. Senators have introduced a bipartisan bill that's intended to strengthen cyber security in the food and agriculture sector. The new bill is known as the Farm and Food Cybersecurity Act.The legislation, proposed by Senators Kirsten Gillibrand (D-NY) and Tom Common (R-AR), targets the identification of cyber security vulnerabilities in agriculture, enhancing cyber...
CI/CD at risk, critical Jenkins bug
January 29th -- Software developers are advised to promptly update their Jenkins servers in response to the discovery of a critical vulnerability, CVE-2024-23897.This vulnerability could potentially allow unauthorized attackers, even those without specific permissions, to read arbitrary files on the Jenkins controller file system.Jenkins, a widely used open-source automation server in the Continuous Integration and Continuous Deployment...
Hospital faces class action lawsuit over cyber attack
January 24th – In the U.S. state of Massachusetts, Anna Jacques Hospital experienced a shutdown of its electronic record systems and networked computers late last year.The attack forced administrators to redirect ambulances to other hospitals until service was restored two days later.A ransomware extortion group known as Money Message publicly admitted that it catalyzed the breach. Neither...
23andMe blames customers for data breach
January 22nd – The DNA testing company 23andMe recently made headlines on account of two data breaches that exposed highly sensitive genomics data belonging to millions of customers.In an unprecedented move, the company blamed breach victims, telling them that the theft of data is their own fault. The ‘customer-is-at-fault’ position is based on the idea that customers...
FBI warns against Androxgh0st botnet
January 18th – The U.S. Federal Bureau of Investigation (FBI), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has issued an urgent advisory regarding the Androxgh0st botnet.This botnet is actively targeting platforms like AWS, SendGrid and Microsoft Office 365 in order to illicitly acquire cloud credentials.Androxgh0st botnetThe Androxgh0st botnet first emerged in 2022. It’s a...
OpenAI GPT store, open for business
January 16th – OpenAI has finally launched its much anticipated GPT store. The company intended to open the GPT Store in November, but plans were delayed on account of internal company events.The store expands ChatGPT’s potential applications and broadens OpenAI’s ecosystem beyond its current offerings. Effectively, the store will operate as a marketplace for AI tools.The GPT...
Taiwanese gov’t facing 5M cyber attacks per day
January 12th – Just days ahead of a critical presidential election, Taiwan has battled an alarming number of cyber attacks. The interference has, reportedly, been quite sophisticated.Taiwanese government agencies alone are contending with an estimated five million cyber attacks per day. Attacks have also been carried out against the country's technology and critical infrastructure entities, with exact...
Lawsuit reveals weakness in iOS 16
January 10th – In Moscow, a lawsuit filed by Russian company Elcomsoft alleges that competitor MKO-Systems stole code that can reach into the depths of iOS 16 devices to extract information.The code can grab hidden passwords, locations, browsing history and other data. Elcomsoft states that its law enforcement clients find this software tool useful when trying to...
Beirut airport screens hijacked by cyber criminals
January 8th – Over the weekend, Beirut International Airport’s information display screens were hacked by domestic anti-Hezbollah groups.Where departure and arrival information would ordinarily be listed, a message accused Hezbollah of putting Lebanon at risk of an all-out war with Israel, which the message writers didn't want.Beirut International Airport attackThe message on airport monitors read, “Hassan Nasrallah,...
Cyber criminals take over gold accounts on X
January 4th – On the social media platform X, formerly known as Twitter, a gold badge indicates that the service has independently verified the account as owned by a celebrity or an organization.The gold badge system was introduced last year as a paid option to help individuals and organizations show account authenticity. It’s the high-profile and business...
New Year’s resolutions for cyber security
January 2nd – Fortunately, your cyber security isn’t trying to lose 100 lbs in 3 months.Unfortunately, cyber threats are escalating, and organizations do need to take more action in order to protect data and the people to whom it belongs. As the new year unfolds, seize the opportunity to elevate your organization’s cyber security.Be sure to set...
Update Chrome to get new safety features
Dec. 28 – Chrome's latest version includes a 'safety check' tool, which is designed to notify users of malicious activity and to help free up the browser's memory.When a user's stored passwords have been compromised in a known breach, the tool offers up an alert. It also scans recently installed extensions to identify any software that may...
Data breach affects CBS and Paramount
Dec. 26 – Private media giant National Amusem*nts, which owns Paramount and CBS, has reported a data breach. The company is legally required to file a report with Maine’s attorney general. The breach occurred in December of 2022, but only came to light recently.The stolen informationHackers parsed personal information belonging to 82,128 people. Affected individuals began to...
U.S. and A.U. warn of Play ransomware threat
Dec 20th – Since June of 2022, the Play ransomware group has conducted 300 successful cyber attacks, according to a joint advisory published by the U.S. and Australian governments.The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC), have warned that the group has targeted...
MongoDB customer data exposed
Dec. 18th – Data management giant MongoDB works with over 46,000 enterprises, including Adobe, eBay, Verizon and the U.K.’s Department for Work and Pensions.In the last day, MongoDB has shared that a breach in corporate systems exposed customer data, including metadata and contact information. For one customer alone, this included system log data. The company has found...
Prince Harry wins damages over phone hack
Dec. 15th – Several years ago, Prince Harry fell prey to phone hacking, as determined by a London High Court judge. The editors of the Daily Mirror, Sunday Mirror and Sunday People were found to have known of the spyware installation, but seemingly stayed silent on the matter.Key facts U.K. tabloids intentionally hacked Prince Harry’s phone Prince...
Nation-state actors burrow into critical systems
Dec. 13th – U.S. government officials and cyber security experts are concerned about recent nation-state backed attempts to infiltrate critical infrastructure, including American power, water, and transportation systems.Cyber criminals who appear to be affiliated with China have wormed their way into computer systems belonging to roughly two dozen critical infrastructure organizations across the past year.It is believed...
18 malicious mobile apps downloaded 12M times
Dec 11th – At least 18 malicious financial services apps have been downloaded from the Google Play store over 12 million times in the last year alone. These malicious apps steal personal data from devices, including device info, call logs, installed apps, calendar events, local Wi-Fi network details, metadata from images and more.The cyber security community has...
Nation-state attacks target U.K. officials
Dec. 8th – The United Kingdom has made allegations against Russia’s Security Service regarding a sustained cyber hacking campaign. The campaign is said to have targeted U.K. politicians and other public figures.“We will continue to work together with our allies to expose Russian covert cyber activity and hold Russia to account for its actions,” said former Prime...
Breach hits 60 U.S. credit unions
Dec. 6th – In the wake of a ransomware attack, nearly 60 credit unions across the U.S. are contending with breach fallout.Credit union disruptionsThe National Credit Union Administration is in communication with affected entities, and an investigation is ongoing.Among the organizations significantly impacted by ransomware-related outages is New York-based Mountain Valley Federal Credit Union, although member data...
U.S. confirms cyber attack on water facility
Dec. 4th – Around the world, water suppliers have been urged to upgrade their cyber security measures, after at least one U.S. operator experienced a breach via its industrial control systems, last week.In the wake of the attack, after the facility’s Unitronics programmable logic controllers (PLCs) were compromised, systems were taken offline and the facility switched to...
Social engineers target Booking.com customers
Dec. 1 – Travel planners beware. A novel social engineering campaign, in operation for the last 12 months, targets both hotel employees and Booking.com customers.How it worksTo gain initial access to Booking.com hotel credentials, cyber attackers deploy the Vidar infostealer. In the process, the scam targets hotel front-desk staff, who need to download malicious content in order...
Amazon announces new AI image generator at AWS re:Invent
November 29th – As many Cyber Talk readers know, Amazon organizes the annual AWS re:Invent conference, where it makes announcements, launches exciting new products, unveils new product features and releases new tools.The premiere event is currently in underway in Las Vegas. Early this morning, Amazon debuted its new Titan Image Generator, which is now available in preview...
Police departments issue iOS 17 warning
November 27th – Local police departments have issued privacy warnings around Apple’s recent iOS 17 update for iPhones. The update includes a feature called “NameDrop” that allows for contact information to be shared — a little too easily.Users can share contact information simply by situating the phones in close proximity to one another. Nothing needs to be...
Fortune 500 company shuts down network
November 22 – A prominent Fortune 500 company specializing in title insurance and settlement services for the real estate sector, disclosed a cyber security incident critical computer systems.The company initiated an investigation, informed law enforcement, and implemented measures to assess and contain the situation.As a result, disruptions occurred in services related to title insurance, escrow, and mortgage...
North American grid prepares for cyberattacks
November 20 - The North American Electric Reliability Corp (NERC) announced that it has completed a two-day simulation with power sector companies to test their emergency response and recovery plans for physical and cyber security attacks.Recently, agencies have uncovered plots against power infrastructure and electric substations in various parts of the country. In light of this, NERC...
U.S. Agencies Warn of Gen Z Cybercrime Ecosystem
November 17 - U.S. cyber security and intelligence agencies have issued a joint advisory on the cybercriminal group known as Scattered Spider – a group notorious for carrying out sophisticated phishing campaigns.Scattered Spider is associated with the Gen Z cybercrime ecosystem known as the Com, which engages in illegal activities and swatting attacks.These threat actors specialize in...
Beware of Las Vegas Formula 1 scams
November 15 – Are you on the search for last-minute tickets to the Formula 1 Las Vegas Grand Prix?If you are, then be on the lookout for scammers who are aiming to take advantage of the hype surrounding this significant racing event.Many threat actors are creating phishing pages that look identical to the official website that sells...
Major Australian port disrupted by cyberattack
November 13 – Since Friday Nov. 10, The Australian government has been grappling with a significant cyber security incident that resulted in the suspension of port operations.The port organization is responsible for nearly half of the country’s flow of goods and is investigating potential data breaches and assessing critical systems necessary to resume operations and freight movement.The...
Major ChatGPT outage, DDoS attack
November 9th – In the last 24 hours, ChatGPT and its API have experienced a major outage due to a DDoS attack.Disruptions in the chatbot's functionality were first documented on November 7th, and initially described as partial outages. However, a “major outage” was reported a day later.The attack comes on the heels of OpenAI’s first-ever developer conference,...
Predator AI hack tool leverages GPT
November 8th – A new hacking tool, ominously named “Predator AI,” has emerged. What sets this tool apart from others is the integration of artificial intelligence; specifically, a ChatGPT-driven class embedded within a Python script.The unique GPT class adds a chat-like text-processing interface. The integration appears intended to reduce reliance on OpenAI’s API, while also advancing Predator...
Executives seek exceptions to cyber rules
November 6th – In the last year, nearly half of C-level executives have requested to bypass one or more cyber security measures. This points to a growing disparity between what executives say and the actions that they take.C-level security skipsTo conduct the aforementioned research, more than 6,500 executive leaders, cyber security professionals and office workers were polled.While...
IT service desks targeted by social engineers
November 3rd – IT service desks have recently experienced a wave of social engineering threats. Traditionally, the IT service desk has functioned as the first point of contact for an organization’s employees who are experiencing technical challenges, such as forgotten passwords and computer crashes.In order to assist with such requests, service desk staff typically verify users’ identities...
More than 40 allied countries vow not to pay ransoms
November 1st - In a U.S.-led initiative, more than forty countries have agreed to never again pay ransom to cyber criminals, and to actively work towards eliminating hackers’ funding sources.The timing couldn’t be better, as ransomware attacks are increasing in volume and sophistication worldwide. Says U.S. deputy national security advisor, Anne Neuberger, the United States experiences the...
CISA releases security toolkit for healthcare
October 30th – After a series of devastating healthcare-related breaches across the past few months, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Department of Health and Human Services (HHS), has released a new set of resources intended to help professionals in the healthcare space improve their organization's security posture.This year to-date, CISA has...
Nation-state actors target critical networks in France
October 27th – Since 2021, the nation-state backed group known as APT28 (a.k.a ‘Strontium’ or ‘Fancy Bear’) has been linked to a series of breaches targeting French government entities, businesses, universities and think tanks.Most recently, APT28 leveraged CVE-2023-38831, a remote code execution vulnerability in WinRAR, and a zero-day privilege elevation flaw in Microsoft Outlook to compromise organizations.The...
5 hospitals hit by cyber attack
October 25th 2023 – In Ontario, five different hospitals are contending with a cyber attack that has caused delays in care delivery. Some patients and their families report that they’ve waited hours for care and that procedures have been canceled.One individual required an ambulance to reach the Windsor Regional Hospital’s Met campus and was required to wait...
Microsoft makes $5bn investment in Australia
October 23rd – Across the next two years, Microsoft will invest $5bn in Australia to help protect the nation from cyber threats.While on a trip to Washington D.C., flanked by Microsoft’s vice-chair and president, Brad Smith, Australia's Prime Minister Anthony Albanese confirmed the investment.Australian cyber security strategyThe announcement was made just ahead of the Albanese government’s articulation...
NYC hospital cyber attacks, large-scale disruptions
October 20th – In New York, two hospitals are diverting patients to other facilities due to cyber attacks. The incidents affect systems at HealthAlliance Hospital, in Kingston, and at Mountainside Residential Care Center, both of which are part of the Westchester Medical Center Health Network.Authorities are investigating the incidents, as is an independent cyber security firm. Across...
The unexpected reason X will begin charging users
October 18th – Ever since Elon Musk purchased Twitter, the platform has changed a lot. The famous blue bird logo disappeared, Twitter Blue was a thing for a minute, and most notably, the platform has rebranded to X. And now, X is has announced a new experiment…The platform will now charge a one dollar per year fee...
Most expansive DDoS ever seen leverages zero-day
October 13th – This week, a group of technology firms publicly shared information about a DDoS campaign that compressed a month’s worth of Wikipedia traffic into a two-minute deluge. Within the campaign, attackers exploited a flaw in the fundamental technology that powers the internet…Most expansive DDoS ever seenThe DDoS campaign described by Google, Cloudflare and Amazon AWS...
The EU spyware problem, new investigation insights
October 11th – A recent media investigation has revealed that European Union-based entities have financed the development of and backed the sale of cyber surveillance tools, which have made their way into the clutches of authoritarian regimes.This has occurred with the passive complicity of EU governments, according to the European Investigative Collaborations (EIC) network.The investigation “…shows what...
Genetic data stolen in targeted 23andMe breach
October 9th – The U.S. based genetic profiling service 23andMe has launched an investigation into how a million data points were exposed via online forums.At least one anonymous hacker claims to have genetic profiles for sale on the dark web, as cobbled together from hijacked 23andMe customer accounts.The seller has indicated that the profiles include email addresses,...
NSA and CISA reveal top security misconfigurations
October 6th – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Agency (CISA) have announced the top 10 most common cyber security misconfigurations within enterprise networks, as discovered by their red and blue teams.NSA and CISA: MisconfigurationsThe agencies’ Red and Blue teams collected information during assessments and incident response activities, which shaped their overall report...
Hacker impersonates Meta recruiter to target aerospace firm
October 2 – If you’ve been offered a new job opportunity, exercise caution and ensure that the job offer is legitimate.New reports indicate that North Korean hackers, pretending to be recruiters from Meta —the parent company of Facebook— are unscrupulously deceiving individuals into downloading malware.Aerospace breachThese findings have been revealed as part of an investigation into a...
Ransomware forces large logistics firm to close
September 28 – In the U.K., one of the largest privately held logistics firms, KNP Logistics Group, has declared itself under financial duress to the point of insolvency, blaming a ransomware attack.Roughly 730 employees will be dismissed as a result of the ensuing legal processes, although one of the group’s key entities has been sold, saving roughly...
Now you can talk to ChatGPT and it will talk back
September 26 – The popular chatbot known as ChatGPT can now “see, hear and speak,” or at least process spoken words and respond with a synthetic voice. It can also process images, according to parent company OpenAI.ChatGPT’s feature pushThe features rollout has occurred as competition among chatbot developers heats up. Google has announced a variety of features...
UAE sets cyber security vision for next 50 years
September 20 – In the UAE, senior officials are developing a cyber security vision that is intended to strengthen action against digital crime for the next 50 years.The initiative will provide the country with a high level of resilience, boosting its ability to address “growing digital challenges.”“As the UAE looks forward to its centennial in 2071, we...
U.S. leaders call for stronger open-source security
September 18 – In a recent two-day summit that included technology companies, banks and industry groups, the White House pushed for stronger standards on behalf of open-source software development.The Biden administrations wants to see companies expand use of inventories, known as software bill of materials, which include information about open source components, licensing and version information for...
CISA panel wants national cyber security alert system
September 15 – According to a panel that advises the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. need a national cyber security alert system that would provide actionable insights into threats and risks.Without providing details around the development of such a system or how it would operate, the panel noted that “there is a genuine need...
