December 7, 2024 at 06:15AM Two versions of the Python AI library Ultralytics (8.3.41 and 8.3.42) were compromised, delivering a cryptocurrency miner. The affected versions have been removed, and a new one includes a security fix. The attack exploited a GitHub Actions vulnerability, raising concerns about potential future threats like backdoors. **Meeting Takeaways – Dec … Read more
December 6, 2024 at 04:10PM Microsoft has expanded its Windows Recall feature to Copilot+ PCs with AMD and Intel chipsets, following an initial rollout for Snapdragon devices. The AI-powered tool allows users to revisit recorded activities, raising privacy concerns. Microsoft has enhanced security measures and delayed the launch to address these issues before the limited … Read more
December 5, 2024 at 12:18PM Russian programmer Kirill Parubets was detained by the FSB and found spyware installed on his phone after it was returned. Citizen Lab confirmed the malware impersonates a popular app and offers extensive permissions. The spyware appears related to the Monokle variant, with enhanced features for surveillance and data extraction. ### … Read more
December 5, 2024 at 06:17AM BT Group confirmed an attempted attack by the Black Basta ransomware group on its BT Conferencing unit. The incident affected specific platform elements, which were quickly isolated, with no impact on live services. Black Basta claims to have stolen around 500 GB of outdated data, prompting an ongoing investigation. ### … Read more
December 4, 2024 at 01:40PM BT Group has confirmed the shutdown of several servers within its BT Conferencing division due to a ransomware breach by Black Basta. This incident highlights the ongoing cybersecurity challenges faced by multinational companies in protecting their infrastructure. **Meeting Takeaways: BT Group Ransomware Incident** 1. **Company Affected:** BT Group, formerly known … Read more
December 4, 2024 at 07:02AM Google released December 2024 security updates for Android, addressing 14 high-severity vulnerabilities, including a critical remote code execution flaw. The updates cover Android versions 12 through 15. Users are encouraged to update devices promptly, as no exploitation is reported. No security updates were included for Android Automotive OS and Wear … Read more
November 30, 2024 at 02:42AM Russian cybercriminal Mikhail Pavlovich Matveev, linked to LockBit and Hive ransomware, has been arrested. He is charged with developing a malware program for encrypting files and demanding ransom. Matveev has been under U.S. indictment since May 2023, facing consequences for his extensive cybercrime activities. ### Meeting Takeaways – Ransomware / … Read more
November 29, 2024 at 12:55PM Russian ransomware affiliate Mikhail Matveev, also known as Wazawaka, was arrested and indicted for his involvement in multiple hacking groups, including LockBit and Babuk. The U.S. has charged him for cyberattacks against American organizations and is offering a $10 million reward for information leading to his conviction. ### Meeting Takeaways … Read more
November 29, 2024 at 07:05AM This week’s cybersecurity news roundup highlights significant developments, including the doubling of a data breach affecting OnePoint Patient Care, Meta’s crackdown on scam operations, malware exploiting Avast’s software, and various vulnerability patches from notable companies. Additional stories cover hacking incidents, Cloudflare’s log loss, and recent data breaches at Keesal, Young … Read more
November 27, 2024 at 12:43PM A new UEFI bootkit designed to target Linux systems has been identified, indicating a significant change in the landscape of stealthy and difficult-to-remove bootkit threats, which have primarily been aimed at Windows platforms until now. **Meeting Takeaways:** – A new UEFI bootkit has been identified that specifically targets Linux systems. … Read more