Keeping Pyongyang’s coffers full North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools, including a backdoor that has much of the same code as Pyongyang’s infamous Lazarus Group deploys.… READ MORE HERE…
The latest in a run of serious networking bugs gives attackers root if they have SNMP access Cisco has confirmed a new IOS and IOS XE zero-day, the latest in a string of flaws that attackers have been quick to weaponize.… READ MORE HERE…
If you recently got an email asking you to verify your credentials to a PyPI site, better change that password The Python Software Foundation warned users of a new string of phishing attacks using a phony Python Package Index (PyPI) website and asking victims to verify their account or face suspension, and advised anyone who did provide their credentials to change their password “immediately.”… READ MORE HERE…
Mandiant CTO anticipates ‘hearing about this campaign for the next one to two years’ Unknown intruders – likely China-linked spies – have broken into “numerous” enterprise networks since March and deployed backdoors, providing access for their long-term IP and other sensitive data stealing missions, all the while remaining undetected on average for 393 days, according to Google Threat Intelligence.… READ MORE HERE…
AI attacks on the rise A survey of cybersecurity bosses has shown that 62 percent reported attacks on their staff using AI over the last year, either by the use of prompt injection attacks or faking out their systems using phony audio or video generated by AI.… READ MORE HERE…
Secret Service seizes 300-server network allegedly tied to nation-state hackers The US Secret Service has dismantled a network of SIM farms in and around New York City it claims was behind multiple incidents targeting senior government officials and had enough power to disrupt entire cellular networks.… READ MORE HERE…
Not old enough to drink, old enough to be accused of causing millions in damage A teen surrendered to Las Vegas police and was booked on suspicion of breaking into multiple Las Vegas casino networks in 2023, as part of a series of hacks attributed to Scattered Spider.… READ MORE HERE…
Airport staff revert to manual ops as travellers urged to use self-service check-in where possible The EU’s cybersecurity agency today confirmed that ransonmware is the cause of continued disruption blighting major airports across Europe.… READ MORE HERE…
PLUS: Luxury brands under fire; FBI warns crims are spoofing it again; ICE buys phone cracking software Infosec in brief Online criminals prefer to deal in digital assets, but a side effect of a ransomware attack has seen a French museum robbed of $705,000 in physical gold nuggets.… READ MORE HERE…
Could this bot-prevention technique now be obsolete? ChatGPT can be tricked via cleverly worded prompts to violate its own policies and solve CAPTCHA puzzles, potentially making this human-proving security mechanism obsolete, researchers say.… READ MORE HERE…