Thursday, June 1, 2023

LATEST

The Register

Ukraine war blurs lines between cyber-crims and state-sponsored attackers

This RomCom is no laughing matter. A change in the deployment of the RomCom malware strain has illustrated the blurring distinction between cyberattacks motivated by money and those fueled by geopolitics, in this case Russia's illegal invasion of Ukraine,...
SC Magazine

We need to refine and secure AI, not turn our backs on the technology 

While the potential poisoning of ChatGPT raises some concerns, we need to take this threat as an opportunity to better refine and secure emerging AI models.
The Hacker News

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting...
The Hacker News

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0,...
The Register

Dark Pink cyber-spies add info stealers to their arsenal, notch up more victims

Not to be confused with K-Pop sensation BLACKPINK, gang pops military, govt and education orgs. Dark Pink, a suspected nation-state-sponsored cyber-espionage group, has expanded its list of targeted organizations, both geographically and by sector, and has carried out at...
The Register

Feds, you’ll need a warrant for that cellphone border search

Here's a story with a twist. A federal district judge has ruled that authorities must obtain a warrant to search an American citizen's cellphone at the border, barring exigent circumstances.
Graham Cluley

Smashing Security podcast #324: .ZIP domains, AI lies, and did social media inflame a riot?

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and...
Smashing Security

.ZIP domains, AI lies, and did social media inflame a riot?

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and much much more is...

Researchers tell owners to “assume compromise” of unpatched Zyxel firewalls

Firewalls made by Zyxel are being wrangled into a destructive botnet, which is taking control of them by exploiting a recently patched vulnerability with a severity...

AI-expanded album cover artworks go viral thanks to Photoshop’s Generative Fill

An AI-expanded version of a famous album cover involving four lads and a certain road created using Adobe Generative Fill. (credit: Capitol Records / Adobe / Dobrokotov) Over...
TechRepublic

8 best practices for securing your Mac from hackers in 2023

Best practices for securing your Mac against potential hacks and security vulnerabilities include enabling the firewall, using strong passwords and encryption, and enabling Lockdown Mode.

Yet Another Toyota Cloud Data Breach Jeopardizes Thousands of Customers

The newly found misconfigured cloud services are discovered just two weeks after an initial data breach affecting millions came to light.
SC Magazine

New hacking forum exposes RaidForums member data

SiliconAngle reports that disrupted hacking site RaidForums had its member database including information from 478,870 members leaked on the new Exposed hacking forum, which is claimed to be owned and administered by the threat actor dubbed as 'Impotent.'
SC Magazine

CAPTCHA-breaking services gaining traction

More threat actors have been leveraging illicit services aimed at bypassing CAPTCHA checks, according to The Hacker News.
SC Magazine

Universal 2FA implemented for PyPI project maintainers

All Python Package Index project maintainers have been required to adopt two-factor authentication by the end of the year in a bid to better prevent account takeover attacks, reports SecurityWeek.
SC Magazine

Over 8.9M impacted by MCNA Dental ransomware attack

Major government-sponsored dental insurance provider Managed Care of North America Dental has disclosed being impacted by a cyberattack compromising personal and health information from more than 8.92 million individuals, including patients,...

Can Cloud Services Encourage Better Login Security? Netflix's Accidental Model

Netflix's unpopular password-sharing policy change had a positive cybersecurity silver lining. Can more B2C service providers nudge their users toward secure authentication?
The CyberWire Podcast

Two RAT infestations. Ghosts of sites past. Trends in identity security. Detecting deepfakes may prove more difficult than you think.

SeroXen is a new elusive evolution of the Quasar RAT that seems to live up to its hype, and DogeRAT is a cheap Trojan targeting Indian Android users. Salesforce ghost sites...

MacOS 'Migraine' Bug: Big Headache for Device System Integrity

Microsoft says the vulnerability could allow cyberattackers with root access to bypass security protections and install malware.
SC Magazine

The most overhyped identity trends, according to cybersecurity investors

Identiverse panelists cite identity solutions and concepts whose short-term trajectories might not live up to the buzz surrounding them.

Ways to Help Cybersecurity's Essential Workers Avoid Burnout

To support and retain the people who protect assets against bad actors, organizations should create a more defensible environment.

BrandPost: Cybercriminals are abusing security tools—here’s how we’re stopping them

By Microsoft Security. Cybercriminals are constantly looking for novel ways to evade detection and enact harm. Outdated copies of common security tools have become one avenue. Microsoft, cybersecurity software company Fortra™ and the Health Information Sharing and Analysis Center (Health-ISAC)...
IBM Security

Machine Learning Applications in the Cybersecurity Space

Machine learning is one of the hottest areas in data science. This subset of artificial intelligence allows a system to learn from data and make accurate predictions, identify anomalies or make recommendations using different techniques. Machine learning techniques extract information...

What Apple's RSRs Reveal About Mac Patch Management

Apple's Rapid Security Response updates are designed to patch critical security vulnerabilities, but how much good can they do when patching is a weeks-long process?

LEADERS

Graham Cluley

Smashing Security podcast #324: .ZIP domains, AI lies, and did social media inflame a riot?

ChatGPT hallucinations cause turbulence in court, a riot in Wales may have been ignited on social media, and do you think .MOV is a good top-level domain for "a website that moves you"? All this and...
Graham Cluley

Hacking forum hacked, user database leaked online

RaidForums, the notorious hacking and data leak forum seized and shut down by the authorities back in April 2022, is - perhaps surprisingly - at the centre of another cybersecurity breach.
Bruce Schneier

Chinese Hacking of US Critical Infrastructure

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection.
Graham Cluley

SAS Airlines hit by $3 million ransom demand following DDoS attacks

Scandinavian Airlines (SAS) has received a US $3 million ransom demand following a prolonged campaign of distributed denial-of-service (DDoS) attacks against its online services. Read more in my article on the Hot for Security blog.
Graham Cluley

Venezuela pays people to tweet state propaganda and deepfake videos

The BBC reports that the Venezuelan government is paying people to tweet in support of it, in an attempt to drown out the noise of its critics.