March 5, 2024 at 05:37PM Generative AI technology is expected to boost cybercriminals’ synthetic identity fraud capabilities, with current fraud detection tools likely insufficient to counter this emerging threat. Cybercriminals leverage generative AI for creating fake documents, exploiting its widespread availability and affordability. Fighting synthetic identity fraud requires a multilayered approach, including AI and behavioral … Read more
March 5, 2024 at 05:23PM United Healthcare’s Change Healthcare subsidiary paid $22 million to ransomware attackers, but the move didn’t resolve the cyber incident. There are allegations of the attackers stealing the money and threatening to leak stolen data. The ransomware gang, BlackCat, is speculated to be undergoing an exit strategy, possibly related to Bitcoin … Read more
March 5, 2024 at 03:02PM North Korean hackers exploit ConnectWise’s ScreenConnect software vulnerability with ToddleShark malware. Kimsuky, a DPRK-based APT, targets organizations using the CVE-2024-1709 bug. ToddleShark gathers system info and sends it to attacker-controlled servers via encrypted channels. It evades detection through randomization and junk code. Organizations are urged to patch their systems promptly. … Read more
March 5, 2024 at 02:31PM Nearly 30,000 Fidelity Investments Life Insurance customers’ personal and financial information was likely stolen by hackers who infiltrated Infosys’ IT systems. The breach may have compromised names, Social Security numbers, bank account details, and more, leaving individuals vulnerable to financial fraud and identity theft. The incident also affected Bank of … Read more
March 5, 2024 at 01:10PM The RA World ransomware group, formed in April, has significantly expanded its attack scope. Targeting global organizations, the group recently launched sophisticated cyberattacks, notably in Latin America’s healthcare sector. With a focus on the US and adoption of double-extortion tactics, it poses a major threat, emphasizing the need for robust … Read more
March 5, 2024 at 11:50AM Malicious actors used QEMU as a tunneling tool to establish a network tunnel in a cyberattack on a large company. This unusual case demonstrates the diverse methods attackers use to evade detection. Kaspersky analysts discovered the attack and emphasized the need for multi-level protection, including 24/7 network monitoring, to defend … Read more
March 5, 2024 at 11:27AM Audio and video calling features initially for X Premium users on Elon Musk’s Twitter are now available to all users, but concerns about IP exposure have emerged. Enabling the features could potentially expose users to trolls and make tracking easier. Enhanced call privacy is disabled by default, and users are … Read more
March 5, 2024 at 11:06AM Dtex Systems, a California-based company, has secured $50 million in late-stage funding, with a total of $138 million raised. The funding aims to accelerate the application of large language models and behavioral science research to disrupt the insider risk management market. Dtex utilizes machine learning and network monitoring to detect … Read more
March 5, 2024 at 10:56AM The BlackCat ransomware gang is attempting to pull an exit scam by announcing the sale of their malware source code for $5 million, claiming the FBI seized their site. This follows complaints from affiliates and rumors of an exit scam, demonstrating the gang’s untrustworthiness and questionable operations in the past. … Read more
March 5, 2024 at 10:02AM Summary: Biometrics, though dating back to 1901, has significantly evolved with widespread use in public and private sectors. However, there are security risks, as shown by gaps in the US DoD’s biometrics data management. Enterprises also face data theft and privacy concerns, emphasizing the need for robust security policies and … Read more