- US looking at media report that Israel used AI to identify bombing targets in Gaza
April 5, 2024
The United States was looking into a media report that the Israeli military has been using artificial intelligence to help identify bombing targets in Gaza, White House national security spokesperson John Kirby told CNN in an interview on Thursday. The report in +972 Magazine and Local Call was published on Wednesday. According to the 972+ report, ...
- Byakugan – The Malware Behind a Phishing Attack
April 4, 2024
In January 2024, FortiGuard Labs collected a PDF file written in Portuguese that distributes a multi-functional malware known as Byakugan. The PDF image shows a blurred table and asks the victim to click the malicious link on the PDF file to see the content. Once the link is clicked, a downloader is downloaded. The downloader drops ...
- The Illusion Of Privacy: Geolocation Risks In Modern Dating Apps
April 4, 2024
Dating apps traditionally utilize location data, offering the opportunity to connect with people nearby, and enhancing the chances of real-life meetings. Some apps can also display the distance of the user to other users. This feature is quite useful for coordinating meetups, indicating whether a potential match is just a short distance away or a kilometer ...
- LazyStealer: Sophisticated does not mean better
April 4, 2024
In the first quarter of 2024, researchers from Positive Technologies Expert Security Center (PT ESC) detected a series of attacks targeting government organizations in Russia, Belarus, Kazakhstan, Uzbekistan, Kyrgyzstan, Tajikistan, and Armenia. The research team could not find any links to known groups that used the same techniques. The main goal of the attack was stealing ...
- Why the threat of a ‘nightmare’ Chinese supercomputer just got a step closer
April 4, 2024
A cyber security official at the US State Department had noticed something unusual. An internal IT security system, nicknamed “Big Yellow Taxi”, had flagged unusual activity on its corporate Microsoft account. The tech team quickly raised its concerns to Microsoft, hopeful that the alert was just a false positive. What rapidly emerged, however, was that a ...
- UK: Parliamentary staff warned of dangers after suspected sexting honeytrap attacks
April 4, 2024
Sir Lindsay Hoyle, the Commons Speaker, has held talks with parliamentary staff following suspected sexting honeytrap attacks targeting MPs, staffers and political journalists. At least 12 men working in and around Parliament, including a serving minister and other MPs, have been targeted on WhatsApp in a suspected spear phishing attack. Attackers contacted their victims under the ...
- Chaos Ransomware Operator Gives Up Decryption Tool for Free
April 3, 2024
The SonicWall CaptureLabs threat research team have been recently tracking ransomware created using the Chaos ransomware builder. The builder appeared in June 2021 and has been used by many operators to infect victims and demand payment for file retrieval. The sample SonicWall researchers analyzed lead them to a conversation with the operator who freely gave up the ...
- Google patches critical vulnerability for Androids with Qualcomm chips
April 3, 2024
In April’s update for the Android operating system (OS), Google has patched 28 vulnerabilities, one of which is rated critical for Android devices equipped with Qualcomm chips. You can find your device’s Android version number, security update level, and Google Play system level in your Settings app. You’ll get notifications when updates are available for you, ...
- Unveiling the Fallout: Operation Cronos’ Impact on LockBit Following Landmark Disruption
April 3, 2024
The RaaS group LockBit that has been in operation since early 2020, grew to become one of the largest RaaS groups in the ransomware ecosphere and was responsible for 25% to 33% of all ransomware attacks in 2023. The group has claimed thousands of victims and was, by far, the biggest financial threat actor group in ...
- CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)
April 3, 2024
Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of OpenSSL’s OPENSSLDIR parameter, which was set to a path accessible to low-privileged users (such as C:\git\vcpkg\packages\openssl_x86-windows-static-vs2019-static\openssl.cnf). Rapid7 has ...
- OWASP Foundation reveals data breach following Wiki web server issue
April 2, 2024
The Open Worldwide Application Security Project (OWASP) suffered a data breach in late February 2024 resulting in the exposure of sensitive data belonging to some of its members. In an announcement published on the OWASP website, Executive Director Andrew van der Stock confirmed the breach and explained that it happened due to a misconfiguration of an ...