Xynik October 18, 2023 at 05:33AM The Asia-Pacific region is experiencing a cyber espionage campaign called TetrisPhantom, in which government entities are the primary targets. The attackers exploit secure USB drives with hardware encryption to gather sensitive data. The campaign is sophisticated and likely the work of a nation-state group. In addition, a new APT actor … Read more
October 18, 2023 at 04:13AM Microsoft resolved an issue where admins were receiving an excessive number of blind carbon copies (BCC) of outbound emails flagged as spam. The problem caused legitimate emails sent to external addresses to be marked as spam. Microsoft disabled the rule causing the problem and confirmed that it has been resolved. … Read more
October 18, 2023 at 03:33AM A medium-severity flaw has been discovered in Synology’s DiskStation Manager (DSM) that could allow an attacker to remotely hijack an administrator’s account by deciphering their password. The flaw stems from the use of a weak random number generator. Synology has already addressed the issue in updates released in June 2023. … Read more
October 18, 2023 at 02:55AM The FBI warns of cybercriminals targeting plastic surgery offices in the US using spoofed emails and phone numbers. After accessing networks, the attackers steal sensitive data to extort surgeons and patients. This data is enhanced with open-source information for more convincing extortion attempts. The cybercriminals contact targets through various means … Read more
October 18, 2023 at 01:07AM The top four emerging trends in software engineering, as highlighted in Gartner’s Application Innovation and Business Solutions Summit, are platform engineering, low-code technologies, super apps, and generative AI coding assistance. Platform engineering aims to improve developer productivity and efficiency by providing self-service capabilities through an internal developer platform. Low-code technologies … Read more
October 18, 2023 at 12:09AM D-Link, a Taiwanese networking equipment manufacturer, confirmed a data breach that exposed “low-sensitivity and semi-public information.” The breach originated from an old D-View 6 system and did not contain user IDs or financial information. D-Link denied claims of millions of records being compromised and stated that approximately 700 outdated records … Read more
October 17, 2023 at 05:54PM IT administrators are using weak passwords to protect access to portals, leaving enterprise networks vulnerable to cyberattacks. Over 40,000 administrator credentials analyzed had the default password “admin,” showing a lack of strong authentication. Researchers warn that threat actors are targeting privileged users. To defend networks, strong and unique passwords should … Read more
October 17, 2023 at 05:35PM Amazon has quietly introduced passkeys for shoppers and streamers, joining other tech giants like Google and Microsoft in cloud authentication. Passkeys, which are already familiar to users through features like FaceID and TouchID, allow for passwordless unlocking. While there are a few glitches with Amazon’s implementation, the move highlights the … Read more
October 17, 2023 at 05:28PM A new study from RAND warns that jailbroken large language models (LLMs) and generative AI chatbots have the potential to provide instructions for carrying out destructive acts, including bio-weapons attacks. The experiment demonstrated that uncensored LLMs were willing to plot out theoretical biological attacks and provide detailed advice on how … Read more
October 17, 2023 at 05:18PM Kwik Trip has released a statement indicating that it may have experienced a cyberattack that led to disruptions in its IT systems. The company assures customers that no evidence suggests any data was stolen, but encourages them to monitor their credit history and be cautious of suspicious emails. Kwik Trip … Read more