iPhone apps abuse iOS push notifications to collect user data

January 25, 2024 at 01:38PM iOS apps are using push notifications to collect user data, bypassing Apple’s background app activity restrictions and posing a privacy risk for iPhone users. The practice involves transmitting device data to servers, potentially allowing persistent tracking. Apple plans to tighten restrictions on APIs for device signals to mitigate the issue, …

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

January 19, 2024 at 07:54PM Russian government-backed hackers infiltrated Microsoft’s network, accessing senior executives’ emails and attachments in cybersecurity and legal departments. Microsoft’s security team detected the attack in January 2024, tracing it back to November 2023. The intrusion did not exploit vulnerabilities in Microsoft’s products or access customer environments. The company will notify customers …

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

January 17, 2024 at 01:30PM Microsoft has uncovered a sophisticated spear-phishing campaign by the ‘Mint Sandstorm’ hackers, associated with Iran’s military intelligence. The attacks target high-profile individuals in Middle Eastern affairs, using impersonation of journalists and benign emails to build trust before delivering malicious content. The hackers utilize compromised accounts to send phishing lures and …

Finland warns of Akira ransomware wiping NAS and tape backup devices

January 11, 2024 at 10:16AM NCSC-FI warns of increased Akira ransomware attacks in December, targeting Finnish companies and wiping backups. The attacks exploited a vulnerability in Cisco VPNs, allowing unauthorized access to networks. The agency advises switching to offline backups and updating Cisco ASA and FTD to prevent further attacks. They emphasize the need for …

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

January 1, 2024 at 04:48AM Security researchers from Ruhr University Bochum discovered a vulnerability in the Secure Shell (SSH) protocol, labeled Terrapin (CVE-2023-48795), allowing attackers to downgrade connection security by manipulating the connection’s sequence numbers during the handshake. This can lead to the interception of sensitive data and control over critical systems. Various SSH client …

Crypto scammers abuse X ‘feature’ to impersonate high-profile accounts

December 20, 2023 at 03:18PM Cryptocurrency scammers are exploiting a Twitter feature that allows modifying the account name in post URLs. This enables redirecting to unrelated high-profile accounts, leading to fraudulent crypto giveaway promotions and phishing attempts. Scammers have targeted crypto-related accounts like Binance and zkSync. Users can mitigate the risk with Twitter’s Quality Filter …

GenAI Requires New, Intelligent Defenses

November 21, 2023 at 09:57AM Jailbreaking and prompt injection pose rising threats to generative AI (GenAI), tricking the AI with specific prompts or concealing malicious data. GenAI models used in coding can have security vulnerabilities. Training AI on sensitive data can risk exposure. Traditional security approaches are inadequate. Two potential defense approaches are blackbox defense …

VX-Underground malware collective framed by Phobos ransomware

November 20, 2023 at 03:46PM A new variant of the Phobos ransomware has emerged, attempting to frame the VX-Underground malware-sharing collective. This variant appends the email address [email protected] and the extension ‘VXUG’ to encrypted files, while ransom notes make reference to the group. Threat actors sometimes taunt security researchers and organizations in their malware and …

Three Ways Varonis Helps You Fight Insider Threats

November 15, 2023 at 05:45AM Insider threats, where confidential information is stolen by employees or insiders, are difficult for organizations to combat. Varonis offers a data security triad approach to reduce the risk and impact of insider attacks. This approach includes sensitivity (discovery, classification, and controls), access (security and permissions management), and activity (monitoring and …

LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed

November 14, 2023 at 03:05PM LockBit ransomware attacks are exploiting the Citrix Bleed vulnerability (CVE-2023-4966) to breach large organizations’ systems, steal data, and encrypt files. Despite Citrix releasing fixes for the vulnerability over a month ago, thousands of vulnerable appliances are still running, many in the U.S. LockBit affiliates are likely responsible for the attacks, …