October 13, 2023 at 01:47PM Cyberattackers are using the ShellBot malware to target Linux SSH servers. They are now using hexadecimal IP addresses to evade detection. This new method allows them to hide their activity from behavior-based detection systems. ShellBot is a well-known botnet that compromises servers with weak SSH credentials and can be used … Read more
October 13, 2023 at 01:26PM Microsoft has introduced an AI bug-bounty program for researchers to identify vulnerabilities in its Bing generative AI chatbot and AI integrations. Rewards for eligible submissions range from $2,000 to $15,000. The program covers AI-powered Bing on bing.com, as well as integrations in Microsoft Edge, the Microsoft Start app, and Skype … Read more
October 13, 2023 at 12:50PM Microsoft has announced that the NTLM authentication protocol will be phased out in Windows 11. Kerberos has replaced NTLM as the default authentication protocol since Windows 2000. Despite being used in older versions, NTLM is still vulnerable to attacks such as relay attacks and pass-the-hash attacks. Microsoft is working on … Read more
October 13, 2023 at 12:29PM Researchers are currently monitoring state-sponsored information operations connected to the Israel-Hamas conflict, but no significant cyber activities have been observed yet. However, experts predict an increase in cyber attacks over time. There have been two notable information operations campaigns identified, one related to Iran and the other to China. The … Read more
October 13, 2023 at 11:38AM A single-click exploit has raised concerns about the security of Microsoft’s Visual Studio IDE once again. Developed by security researcher Zhiniang Peng, the exploit takes advantage of the default implementation of the IDE’s “trusted locations” feature. Peng argues that enabling this feature by default would protect users from potential attacks, … Read more
October 13, 2023 at 11:24AM A new cyber attack campaign called PEAPOD has targeted EU military personnel and political leaders working on gender equality. Cybersecurity firm Trend Micro has attributed the attacks to a threat actor known as Void Rabisu, which is associated with Cuba ransomware. The group conducts both financial motivated and espionage attacks, … Read more
October 13, 2023 at 10:57AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared new details about vulnerabilities exploited by ransomware groups in order to help critical infrastructure organizations defend against attacks. Through its Ransomware Vulnerability Warning Pilot program, CISA has identified over 800 vulnerable systems frequently targeted by ransomware operations. CISA has also … Read more
October 13, 2023 at 10:49AM The European Union’s Cyber Resilience Act (CRA) is causing concern among the open source community. The Act, aimed at addressing cybersecurity issues, imposes strict regulations on software publishers, potentially hindering open source development. The open source community is advocating for more flexibility in the regulations and better understanding of how … Read more
October 13, 2023 at 10:12AM The US cybersecurity agency CISA has released two new resources to help organizations identify and eliminate security flaws targeted by ransomware groups. The resources include a column in the Known Exploited Vulnerabilities catalog that flags flaws associated with ransomware campaigns, and a table on the StopRansomware project’s website listing misconfigurations … Read more
October 13, 2023 at 10:07AM The Writers Guild of America’s strike, centered on the role of artificial intelligence (AI) in creative processes, has ended with a victory for writers. The agreement bans the independent use of AI for writing and ensures that writers receive credit for their creative contributions. This sets a precedent that AI … Read more