Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518

On October 31, 2023, Atlassian published an advisory on CVE-2023-22518, an Improper authorization vulnerability involving the Confluence Data Center and Server. Initially reported to cause data loss, it was eventually revealed that exploiting this vulnerability allows unauthorized users to reset Read More …

YouTube shows ads for ad blocker, financial scams

After performing local experiments for a few months, YouTube recently expanded its effort to block ad blockers. The move was immediately unpopular with some users, and raised some questions in Europe about whether it was breaking privacy laws. In addition, Read More …

Ducktail fashion week

Ducktail is a malware family that has been active since the second half of 2021 and aims to steal Facebook business accounts. Kaspersky Daily Iran, WithSecure, and GridinSoft have all covered Ducktail attacks: the infostealer spread under the guise of documents Read More …

U.S. arm of China mega-lender ICBC hit by ransomware attack

The U.S. arm of China’s largest bank said Thursday that it was hit by a ransomware attack, forcing clients to reroute trades and disrupting the U.S. Treasury market. Ransomware attacks typically access vulnerable computer systems and encrypt or steal data, Read More …

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

This report consists of six main sections – Incidents involving Asian APT groups in various regions of the planet Information on five unique incidents that Kaspersky researchers detected in different parts of the world. Each incident is a unique case within Read More …

Secretary General: Through NATO, we can build a secure cyberspace for all

The Secretary General emphasized that cyber is driving strategic competition and that authoritarian regimes, including China and Russia, are: “challenging our interests, our values and our security.” He said they are: “determined to shape the future of cyberspace in [their] Read More …

Threat Predictions for 2024: Chained AI and CaaS Operations Give Attackers More “Easy” Buttons Than Ever

With the growth of Cybercrime-as-a-Service (CaaS) operations and the advent of generative AI, threat actors have more “easy” buttons at their fingertips to assist with carrying out attacks than ever before. By relying on the growing capabilities in their respective Read More …

OpenAI Blames ChatGPT’s Intermittent Outages On ‘Abnormal Traffic’ That Suggests Potential Cyber Attack

ChatGPT continued to face intermittent outages late Wednesday, which the platform’s maker OpenAI blamed on a potential cyberattack, hours after the AI chatbot platform recovered from a wide outage that the company initially attributed to a surge in interest for Read More …