StopCrypt unleashes stealthy new variant that evades detection
March 18th -- One of the most prevalent ransomware groups of 2023, known as StopCrypt, has revealed its new ransomware variant, which leverages sophisticated evasion tactics.
This StopCrypt development was brought to light last week. According to a new report, the ransomware family has become more common than LockBit. In contrast with other ransomware groups, StopCrypt typically targets...
Alabama under siege, DDoS disruption
March 15th – For cyber security professionals who are defending the state of Alabama’s networks, the last couple of weeks have translated to a trial-by-fire. The state has found itself in the crosshairs of a number of cyber attacks that have crippled systems and disrupted critical infrastructure operations for government agencies.
The trouble began on March 6th, when...
French government hacked, shocking data breach
March 13th – In recent weeks, multiple French government departments have been targeted by sophisticated cyber attacks. These breaches have compromised sensitive data and systems, exposing vulnerabilities within the digital infrastructure of the French government.
According to reports from French cyber security agencies, the attacks affected several ministries. Hackers were able to gain unauthorized access to internal networks...
HP’s firmware now prevents quantum hacks
March 11th – Quantum computers may bring transformative capabilities to organizations, especially those dealing with specific, complex computational challenges. But they also introduce a certain level of risk.
Hewlett Packard has launched what it’s calling the world’s first business-grade PCs, which are designed to protect firmware from quantum-based cyber attacks.
Preventing quantum hacks
Devices will be upgraded with HP’s Endpoint...
CISA aims to prevent next Log4Shell by…
March 8th – CISA intends to bring agencies, industry, regulators and the open source community closer together for the purpose of better securing the open source ecosystem.
The agency announced its commitment to this effort during a two-day summit on open source software (OSS) security, where director Jen Easterly emphasized the role of open source code in critical...
Cloud storage budgets EMEA, busted by fees
March 6th – In Europe, cloud storage costs have taken an outsized bite from budgets, with usage fees eating up a significant portion of allocated resources. More than 50% of EMEA-based firms spent more than intended on cloud storage in 2023.
Nonetheless, according to new research, many EMEA organizations are looking to expand cloud storage portfolios. Due to...
North Korea breaks into South Korean chip firms
March 4th – As North Korea looks to upgrade its semiconductor programs for weapon development purposes, several North Korean hacking groups appear to have infiltrated at least two different South Korean chip manufacturing entities.
The news follows an announcement by South Korean President Yoon Suk Yeol, which warned that North Korea may attempt to stage provocations – in...
Ransomware takedowns, they’re not working
February 29th – Last year, ahead of the Christmas holiday, the U.S. Federal Bureau of Investigation (FBI) ran an international operation intended to squelch the notorious hacking group known as BlackCat or ALPHV.
The hacking group is known for operating on a Ransomware-as-a-Service (RaaS) model, and it has also been ranked as the second-most active organized ransomware group...
NCSC warns of new TTPs employed by APT 29
February 27th – A recent advisory from the U.K. National Cyber Security Centre (NCSC) and international partners highlights the recently developed tactics, techniques and procedures (TTPs) used by APT 29 (also known as Midnight Blizzard, the Dukes or Cozy Bear).
The U.S. National Security Agency (NSA), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber National...
New tactics adopted by SolarWinds hackers
February 26th -- Western officials have warned that the cyber spies responsible for the 2019 SolarWinds breach are altering their methods and preparing to infiltrate organizations that have transitioned their networks to the cloud.
In the past, cloud hosting has presented a challenge for hackers, as it has significantly diminished the attack surface, limiting hackers' capacity to exploit...
Wireless chargers inject voice commands, damage phones
February 22nd – The ‘VoltSchemer’ attacks involve injecting voice commands into a smartphone’s voice assistant using the magnetic field emitted by a standard wireless charger.
VoltSchemer can cause physical damage to a phone and can generate intense heat, potentially resulting in temperatures in excess of 500F (260C), which may also affect nearby items.
How it works
VoltSchemer is an attack...
‘Most Wanted’ pleads guilty to cyber attacks
February 20th – In a U.S. federal court, a man has pleaded guilty to taking a leadership role in two different cyber attacks that resulted in tens of millions of dollars in losses and that temporarily prevented a Vermont hospital from functioning correctly.
Although the attacks occurred more than three years ago, the impact has been felt for...
Game-changing AI video tool by OpenAI
February 16th – The artificial intelligence company OpenAI has given the world a preview of a new AI tool that, if given a simple text prompt, can generate beautiful, high-quality 60-second videos. The new tool has been dubbed Sora.
“We’re teaching AI to understand the physical world in motion, with the goal of training models that help people...
Biden audio deepfakes alarm experts
February 14th – Last month, deepfake robocalls that impersonated U.S. President Joe Biden raised alarm among government officials.
In the state of New Hampshire, an AI version of Biden encouraged voters not to go to the polls in order to vote this year.
Statement auth
The emergence of these robocalls, combined with a general rise in deepfakes and AI-based content,...
U.S. offers $10M for Hive ransomware intel
February 12th – Hive ransomware operators have extorted more than $100 million from thousands of victim organizations. Affected sectors include healthcare, education, finance, and critical infrastructure.
The group first emerged in 2021. In November of 2023, cyber security researchers discovered that a new ransomware group, known as Hunters International, had obtained the source code and infrastructure from Hive...
Raspberry Robin malware adopts new stealth tactics
February 9th – The malware family identified as Raspberry Robin is back, with new and innovative methods that facilitate higher levels of unauthorized privilege access than previously.
According to Check Point Researchers, Raspberry Robin has introduced two new 1-day Local Privilege Escalation (LPE) exploits, indicating either access to a dedicated exploit developer or a high level of potential...
Mozilla scrubs leaked personal info, for a fee
February 7th — Mozilla has recently launched a new paid service that automatically monitors data and removes people's private info from the web. The service is known as Mozilla Monitor Plus, and is an extension of the Mozilla Monitor (formerly Firefox Monitor) service, which provides information around email address compromises.
Mozilla Monitor Plus
The new data service aims...
U.S. proposes cyber security agriculture bill
January 31 -- Two U.S. Senators have introduced a bipartisan bill that's intended to strengthen cyber security in the food and agriculture sector. The new bill is known as the Farm and Food Cybersecurity Act.
The legislation, proposed by Senators Kirsten Gillibrand (D-NY) and Tom Cotton (R-AR), targets the identification of cyber security vulnerabilities in agriculture, enhancing cyber...
CI/CD at risk, critical Jenkins bug
January 29th -- Software developers are advised to promptly update their Jenkins servers in response to the discovery of a critical vulnerability, CVE-2024-23897.
This vulnerability could potentially allow unauthorized attackers, even those without specific permissions, to read arbitrary files on the Jenkins controller file system.
Jenkins, a widely used open-source automation server in the Continuous Integration and Continuous Deployment...
Hospital faces class action lawsuit over cyber attack
January 24th – In the U.S. state of Massachusetts, Anna Jacques Hospital experienced a shutdown of its electronic record systems and networked computers late last year.
The attack forced administrators to redirect ambulances to other hospitals until service was restored two days later.
A ransomware extortion group known as Money Message publicly admitted that it catalyzed the breach. Neither...
23andMe blames customers for data breach
January 22nd – The DNA testing company 23andMe recently made headlines on account of two data breaches that exposed highly sensitive genomics data belonging to millions of customers.
In an unprecedented move, the company blamed breach victims, telling them that the theft of data is their own fault. The ‘customer-is-at-fault’ position is based on the idea that customers...
FBI warns against Androxgh0st botnet
January 18th – The U.S. Federal Bureau of Investigation (FBI), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), has issued an urgent advisory regarding the Androxgh0st botnet.
This botnet is actively targeting platforms like AWS, SendGrid and Microsoft Office 365 in order to illicitly acquire cloud credentials.
Androxgh0st botnet
The Androxgh0st botnet first emerged in 2022. It’s a...
OpenAI GPT store, open for business
January 16th – OpenAI has finally launched its much anticipated GPT store. The company intended to open the GPT Store in November, but plans were delayed on account of internal company events.
The store expands ChatGPT’s potential applications and broadens OpenAI’s ecosystem beyond its current offerings. Effectively, the store will operate as a marketplace for AI tools.
The GPT...
Taiwanese gov’t facing 5M cyber attacks per day
January 12th – Just days ahead of a critical presidential election, Taiwan has battled an alarming number of cyber attacks. The interference has, reportedly, been quite sophisticated.
Taiwanese government agencies alone are contending with an estimated five million cyber attacks per day. Attacks have also been carried out against the country's technology and critical infrastructure entities, with exact...
Lawsuit reveals weakness in iOS 16
January 10th – In Moscow, a lawsuit filed by Russian company Elcomsoft alleges that competitor MKO-Systems stole code that can reach into the depths of iOS 16 devices to extract information.
The code can grab hidden passwords, locations, browsing history and other data. Elcomsoft states that its law enforcement clients find this software tool useful when trying to...
Beirut airport screens hijacked by cyber criminals
January 8th – Over the weekend, Beirut International Airport’s information display screens were hacked by domestic anti-Hezbollah groups.
Where departure and arrival information would ordinarily be listed, a message accused Hezbollah of putting Lebanon at risk of an all-out war with Israel, which the message writers didn't want.
Beirut International Airport attack
The message on airport monitors read, “Hassan Nasrallah,...
Cyber criminals take over gold accounts on X
January 4th – On the social media platform X, formerly known as Twitter, a gold badge indicates that the service has independently verified the account as owned by a celebrity or an organization.
The gold badge system was introduced last year as a paid option to help individuals and organizations show account authenticity. It’s the high-profile and business...
New Year’s resolutions for cyber security
January 2nd – Fortunately, your cyber security isn’t trying to lose 100 lbs in 3 months.
Unfortunately, cyber threats are escalating, and organizations do need to take more action in order to protect data and the people to whom it belongs. As the new year unfolds, seize the opportunity to elevate your organization’s cyber security.
Be sure to set...
Update Chrome to get new safety features
Dec. 28 – Chrome's latest version includes a 'safety check' tool, which is designed to notify users of malicious activity and to help free up the browser's memory.
When a user's stored passwords have been compromised in a known breach, the tool offers up an alert. It also scans recently installed extensions to identify any software that may...
Data breach affects CBS and Paramount
Dec. 26 – Private media giant National Amusements, which owns Paramount and CBS, has reported a data breach. The company is legally required to file a report with Maine’s attorney general. The breach occurred in December of 2022, but only came to light recently.
The stolen information
Hackers parsed personal information belonging to 82,128 people. Affected individuals began to...
U.S. and A.U. warn of Play ransomware threat
Dec 20th – Since June of 2022, the Play ransomware group has conducted 300 successful cyber attacks, according to a joint advisory published by the U.S. and Australian governments.
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA) and Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC), have warned that the group has targeted...
MongoDB customer data exposed
Dec. 18th – Data management giant MongoDB works with over 46,000 enterprises, including Adobe, eBay, Verizon and the U.K.’s Department for Work and Pensions.
In the last day, MongoDB has shared that a breach in corporate systems exposed customer data, including metadata and contact information. For one customer alone, this included system log data. The company has found...
Prince Harry wins damages over phone hack
Dec. 15th – Several years ago, Prince Harry fell prey to phone hacking, as determined by a London High Court judge. The editors of the Daily Mirror, Sunday Mirror and Sunday People were found to have known of the spyware installation, but seemingly stayed silent on the matter.
Key facts
U.K. tabloids intentionally hacked Prince Harry’s phone
Prince...
Nation-state actors burrow into critical systems
Dec. 13th – U.S. government officials and cyber security experts are concerned about recent nation-state backed attempts to infiltrate critical infrastructure, including American power, water, and transportation systems.
Cyber criminals who appear to be affiliated with China have wormed their way into computer systems belonging to roughly two dozen critical infrastructure organizations across the past year.
It is believed...
18 malicious mobile apps downloaded 12M times
Dec 11th – At least 18 malicious financial services apps have been downloaded from the Google Play store over 12 million times in the last year alone. These malicious apps steal personal data from devices, including device info, call logs, installed apps, calendar events, local Wi-Fi network details, metadata from images and more.
The cyber security community has...
Nation-state attacks target U.K. officials
Dec. 8th – The United Kingdom has made allegations against Russia’s Security Service regarding a sustained cyber hacking campaign. The campaign is said to have targeted U.K. politicians and other public figures.
“We will continue to work together with our allies to expose Russian covert cyber activity and hold Russia to account for its actions,” said former Prime...
Breach hits 60 U.S. credit unions
Dec. 6th – In the wake of a ransomware attack, nearly 60 credit unions across the U.S. are contending with breach fallout.
Credit union disruptions
The National Credit Union Administration is in communication with affected entities, and an investigation is ongoing.
Among the organizations significantly impacted by ransomware-related outages is New York-based Mountain Valley Federal Credit Union, although member data...
U.S. confirms cyber attack on water facility
Dec. 4th – Around the world, water suppliers have been urged to upgrade their cyber security measures, after at least one U.S. operator experienced a breach via its industrial control systems, last week.
In the wake of the attack, after the facility’s Unitronics programmable logic controllers (PLCs) were compromised, systems were taken offline and the facility switched to...
Social engineers target Booking.com customers
Dec. 1 – Travel planners beware. A novel social engineering campaign, in operation for the last 12 months, targets both hotel employees and Booking.com customers.
How it works
To gain initial access to Booking.com hotel credentials, cyber attackers deploy the Vidar infostealer. In the process, the scam targets hotel front-desk staff, who need to download malicious content in order...
Amazon announces new AI image generator at AWS re:Invent
November 29th – As many Cyber Talk readers know, Amazon organizes the annual AWS re:Invent conference, where it makes announcements, launches exciting new products, unveils new product features and releases new tools.
The premiere event is currently underway in Las Vegas. Early this morning, Amazon debuted its new Titan Image Generator, which is now available in preview...
Police departments issue iOS 17 warning
November 27th – Local police departments have issued privacy warnings around Apple’s recent iOS 17 update for iPhones. The update includes a feature called “NameDrop” that allows for contact information to be shared — a little too easily.
Users can share contact information simply by situating the phones in close proximity to one another. Nothing needs to be...
Fortune 500 company shuts down network
November 22 – A prominent Fortune 500 company specializing in title insurance and settlement services for the real estate sector disclosed a cyber security incident involving critical computer systems.
The company initiated an investigation, informed law enforcement, and implemented measures to assess and contain the situation.
As a result, disruptions occurred in services related to title insurance, escrow, and mortgage...
North American grid prepares for cyberattacks
November 20 - The North American Electric Reliability Corp (NERC) announced that it has completed a two-day simulation with power sector companies to test their emergency response and recovery plans for physical and cyber security attacks.
Recently, agencies have uncovered plots against power infrastructure and electric substations in various parts of the country. In light of this, NERC...
U.S. Agencies Warn of Gen Z Cybercrime Ecosystem
November 17 - U.S. cyber security and intelligence agencies have issued a joint advisory on the cybercriminal group known as Scattered Spider – a group notorious for carrying out sophisticated phishing campaigns.
Scattered Spider is associated with the Gen Z cybercrime ecosystem known as the Com, which engages in illegal activities and swatting attacks.
These threat actors specialize in...
Beware of Las Vegas Formula 1 scams
November 15 – Are you on the search for last-minute tickets to the Formula 1 Las Vegas Grand Prix?
If you are, then be on the lookout for scammers who are aiming to take advantage of the hype surrounding this significant racing event.
Many threat actors are creating phishing pages that look identical to the official website that sells...
Major Australian port disrupted by cyberattack
November 13 – Since Friday, Nov. 10, the Australian government has been grappling with a significant cyber security incident that resulted in the suspension of port operations.
The port organization is responsible for nearly half of the country’s flow of goods and is investigating potential data breaches and assessing critical systems necessary to resume operations and freight movement.
The...
Major ChatGPT outage, DDoS attack
November 9th – In the last 24 hours, ChatGPT and its API have experienced a major outage due to a DDoS attack.
Disruptions in the chatbot's functionality were first documented on November 7th, and initially described as partial outages. However, a “major outage” was reported a day later.
The attack comes on the heels of OpenAI’s first-ever developer conference,...
Predator AI hack tool leverages GPT
November 8th – A new hacking tool, ominously named “Predator AI,” has emerged. What sets this tool apart from others is the integration of artificial intelligence; specifically, a ChatGPT-driven class embedded within a Python script.
The unique GPT class adds a chat-like text-processing interface. The integration appears intended to reduce reliance on OpenAI’s API, while also advancing Predator...
Executives seek exceptions to cyber rules
November 6th – In the last year, nearly half of C-level executives have requested to bypass one or more cyber security measures. This points to a growing disparity between what executives say and the actions that they take.
C-level security skips
To conduct the aforementioned research, more than 6,500 executive leaders, cyber security professionals and office workers were polled.
While...
IT service desks targeted by social engineers
November 3rd – IT service desks have recently experienced a wave of social engineering threats. Traditionally, the IT service desk has functioned as the first point of contact for an organization’s employees who are experiencing technical challenges, such as forgotten passwords and computer crashes.
In order to assist with such requests, service desk staff typically verify users’ identities...
More than 40 allied countries vow not to pay ransoms
November 1st - In a U.S.-led initiative, more than forty countries have agreed to never again pay ransom to cyber criminals, and to actively work towards eliminating hackers’ funding sources.
The timing couldn’t be better, as ransomware attacks are increasing in volume and sophistication worldwide. Says U.S. deputy national security advisor, Anne Neuberger, the United States experiences the...
CISA releases security toolkit for healthcare
October 30th – After a series of devastating healthcare-related breaches across the past few months, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Department of Health and Human Services (HHS), has released a new set of resources intended to help professionals in the healthcare space improve their organization's security posture.
This year to-date, CISA has...
Nation-state actors target critical networks in France
October 27th – Since 2021, the nation-state backed group known as APT28 (a.k.a. ‘Strontium’ or ‘Fancy Bear’) has been linked to a series of breaches targeting French government entities, businesses, universities and think tanks.
Most recently, APT28 leveraged CVE-2023-38831, a remote code execution vulnerability in WinRAR, and a zero-day privilege elevation flaw in Microsoft Outlook to compromise organizations.
The...
5 hospitals hit by cyber attack
October 25th 2023 – In Ontario, five different hospitals are contending with a cyber attack that has caused delays in care delivery. Some patients and their families report that they’ve waited hours for care and that procedures have been canceled.
One individual required an ambulance to reach the Windsor Regional Hospital’s Met campus and was required to wait...
Microsoft makes $5bn investment in Australia
October 23rd – Across the next two years, Microsoft will invest $5bn in Australia to help protect the nation from cyber threats.
While on a trip to Washington D.C., flanked by Microsoft’s vice-chair and president, Brad Smith, Australia's Prime Minister Anthony Albanese confirmed the investment.
Australian cyber security strategy
The announcement was made just ahead of the Albanese government’s articulation...
NYC hospital cyber attacks, large-scale disruptions
October 20th – In New York, two hospitals are diverting patients to other facilities due to cyber attacks. The incidents affect systems at HealthAlliance Hospital, in Kingston, and at Mountainside Residential Care Center, both of which are part of the Westchester Medical Center Health Network.
Authorities are investigating the incidents, as is an independent cyber security firm. Across...
The unexpected reason X will begin charging users
October 18th – Ever since Elon Musk purchased Twitter, the platform has changed a lot. The famous blue bird logo disappeared, Twitter Blue was a thing for a minute, and most notably, the platform has rebranded to X. And now, X has announced a new experiment…
The platform will now charge a one dollar per year fee...
Most expansive DDoS ever seen leverages zero-day
October 13th – This week, a group of technology firms publicly shared information about a DDoS campaign that compressed a month’s worth of Wikipedia traffic into a two-minute deluge. Within the campaign, attackers exploited a flaw in the fundamental technology that powers the internet…
Most expansive DDoS ever seen
The DDoS campaign described by Google, Cloudflare and Amazon AWS...
The EU spyware problem, new investigation insights
October 11th – A recent media investigation has revealed that European Union-based entities have financed the development of and backed the sale of cyber surveillance tools, which have made their way into the clutches of authoritarian regimes.
This has occurred with the passive complicity of EU governments, according to the European Investigative Collaborations (EIC) network.
The investigation “…shows what...
Genetic data stolen in targeted 23andMe breach
October 9th – The U.S. based genetic profiling service 23andMe has launched an investigation into how a million data points were exposed via online forums.
At least one anonymous hacker claims to have genetic profiles for sale on the dark web, as cobbled together from hijacked 23andMe customer accounts.
The seller has indicated that the profiles include email addresses,...
NSA and CISA reveal top security misconfigurations
October 6th – The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have announced the top 10 most common cyber security misconfigurations within enterprise networks, as discovered by their red and blue teams.
NSA and CISA: Misconfigurations
The agencies’ Red and Blue teams collected information during assessments and incident response activities, which shaped their overall report...
Hacker impersonates Meta recruiter to target aerospace firm
October 2 – If you’ve been offered a new job opportunity, exercise caution and ensure that the job offer is legitimate.
New reports indicate that North Korean hackers, pretending to be recruiters from Meta, the parent company of Facebook, are unscrupulously deceiving individuals into downloading malware.
Aerospace breach
These findings have been revealed as part of an investigation into a...
Ransomware forces large logistics firm to close
September 28 – In the U.K., one of the largest privately held logistics firms, KNP Logistics Group, has declared itself under financial duress to the point of insolvency, blaming a ransomware attack.
Roughly 730 employees will be dismissed as a result of the ensuing legal processes, although one of the group’s key entities has been sold, saving roughly...
Now you can talk to ChatGPT and it will talk back
September 26 – The popular chatbot known as ChatGPT can now “see, hear and speak,” or at least process spoken words and respond with a synthetic voice. It can also process images, according to parent company OpenAI.
ChatGPT’s feature push
The features rollout has occurred as competition among chatbot developers heats up. Google has announced a variety of features...
UAE sets cyber security vision for next 50 years
September 20 – In the UAE, senior officials are developing a cyber security vision that is intended to strengthen action against digital crime for the next 50 years.
The initiative will provide the country with a high level of resilience, boosting its ability to address “growing digital challenges.”
“As the UAE looks forward to its centennial in 2071, we...
U.S. leaders call for stronger open-source security
September 18 – In a recent two-day summit that included technology companies, banks and industry groups, the White House pushed for stronger standards on behalf of open-source software development.
The Biden administration wants to see companies expand use of inventories, known as software bills of materials, which include information about open source components, licensing and version information for...
CISA panel wants national cyber security alert system
September 15 – According to a panel that advises the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. needs a national cyber security alert system that would provide actionable insights into threats and risks.
Without providing details around the development of such a system or how it would operate, the panel noted that “there is a genuine need...
Zero-click iMessage exploit hits iPhones
September 11 – Last week, Apple revealed that two security bugs were being exploited within a zero-click campaign designed to distribute the NSO Group’s Pegasus spyware. Apple resolved the bugs shortly thereafter.
Targets included those connected with government organizations. In the past, NSO spyware has been used to target journalists, lawyers, activists and government officials.
Device updates
Researchers encourage Apple...
This country just banned iPhones in select areas of gov’t & economy
September 08 – In China, the government plans to extend a ban on the use of iPhones within government-backed agencies and companies. If China moves ahead with the ban, the unprecedented event will be the culmination of a multi-year effort to eliminate foreign technology use in sensitive environments.
No iPhones
A number of agencies have already instructed staff not...
MITRE and CISA reveal new OT security approach
Sept. 05 – The MITRE Corporation and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have announced a new extension for the open source Caldera platform, which emulates adversarial attacks against operational technology (OT).
The latest Caldera for OT extension stems from a collaboration between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA as part...
Airbnb accounts hacked with new tactics
Sept. 01 – An increasing number of cyber criminals are exploiting the Airbnb platform in order to profit from user accounts and stolen data.
A household name in the travel industry, Airbnb has become a target due to its global popularity. However, cyber security researchers have explained that the platform’s accessibility has also enabled cyber criminals to manipulate...
NCSC warns of ChatGPT prompt injection attacks
Aug 30 – The U.K.’s National Cyber Security Centre (NCSC) has stated that there is a growing risk of chatbot “prompt injection” attacks.
As implied in the name, in these attacks cyber criminals manipulate prompts, forcing language models like ChatGPT and Bard to behave in unexpected ways.
Because chatbots may share data with third-party applications and services, the NCSC...
Spyware hack shows 76,000 phones breached
Aug 28 – A spyware maker’s servers and databases have been hacked. By exploiting flaws in the group’s web dashboard, the adversaries were able to download every dashboard record, including every customer’s email address.
Access to the dashboard enabled hackers to delete victims’ devices from the spyware network, severing the connection at the server level to prevent the...
NIST shares post-quantum cryptography standards
Aug 25 – A draft copy of post-quantum cryptography (PQC) standards has been published by the U.S. National Institute of Standards and Technology (NIST). The framework will enable organizations to protect themselves from future quantum-based cyber attacks. The draft documents encompass three draft Federal Information Processing Standards (FIPS).
PQC standardization process
Starting in December of 2016, NIST began to collect...
CISA says 1,300 new hires in two years
Aug 23 – This week, U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director, Jen Easterly, announced that the agency has substantially increased its staffing, reaching 3,161 employees after an extensive two-year recruitment campaign.
More than 1,300 individuals have been hired, translating to more than 18M additional hours of labor every year.
CISA talent
CISA has explained that not only does...
This new Chrome feature can increase security
Aug 21 – A new Chrome feature aims to proactively alert users when a recently installed extension is no longer available on the Chrome Web Store. The feature, known as the “Safety Check,” is intended to address three scenarios.
In the first one, it will send out an alert to users in the event that an extension has...
Cyber threats turn real for industry professionals
Aug 18 – Earlier this year, the CEO of a small, well-known cyber security company received a disturbing message from cyber criminals stating that the company’s data would be leaked, unless a ransom payment were made.
The CEO refused to negotiate. In a never-before-seen move, the hackers dug up an electronic copy of the CEO's son's passport, the...
LinkedIn accounts hacked in hijacking campaign
Aug 16 - In recent months, many LinkedIn users have been locked out of accounts for security reasons or, ultimately, had their accounts hijacked by cyber attackers.
And LinkedIn users have become vocal about the recent account takeovers and lockouts. An inability to solve the issue through LinkedIn support has compounded users' negative experiences.
According to cyber security researchers,...
This ransomware attack disrupted U.S. hospitals
Aug 11 – Starting last week, a ransomware attack affecting 16 different hospitals, all of which are run by Prospect Medical Holdings, resulted in multi-day disruptions to patient services across facilities in four different states.
Hospitals were forced to divert ambulances to other care centers, cancel appointments, and close connected satellite clinics. Some had to use paper records...
AI can eavesdrop while you’re on Zoom
Aug 9 – In your average workday, do you take Zoom calls and simultaneously work on other projects in the background? If so, this software could pose a threat...
A new study reveals that AI-powered software can “eavesdrop” on people by working out which keys are being pressed while typing occurs. The software has an accuracy rate of...
A new ‘superconductor’ could change the world
Aug 7 – The world of material sciences generally doesn’t receive much public spotlight, but after the scientific discovery of a new superconductor material, dubbed LK-99, the discipline is receiving Barbenheimer-level attention.
In late July, a group of researchers claimed to have discovered a superconductor that works at normal temperatures and pressure. As with conventional superconductors, this superconductor can...
FCC fines robocallers $300 million
Aug 4 – The FCC has issued one of its largest fines ever. After an investigation spanning many months, the FCC decided to issue a record-setting $300 million fine on one of the largest illegal robocall operations the agency has ever faced.
The operation, comprised of an international network of companies, made more than five billion robocalls to 500...
White House plan for cyber workforce
Aug 2 – The Biden administration and the Office of the National Cyber Director have a plan to improve the nation's cybersecurity skills. They want to build up the workforce and make sure all working Americans are prepared for the digital world.
This is the first government plan of its kind to accomplish one goal: meet the increasing...
What is FraudGPT?
Jul 28 -- A new cyber criminal tool, known as FraudGPT, has appeared on various dark web marketplaces and Telegram channels. As the name implies, the tool is intended to promote malicious activity. It's been in circulation since at least July 22nd of this year.
"This is an AI bot, exclusively targeted for offensive purposes, such as crafting...
Companies have 4 days to report breaches
Jul 26 – Under controversial new rules that the U.S. Securities and Exchange Commission is expected to adopt, companies hit by cyber attacks will have four days to publicly disclose any significant impact.
At a meeting today, the agency’s commissioners will vote on the details of the reporting rules, which were proposed last year. Trade organizations and enterprises...
Twitter logo officially changed to ‘X’
Jul 25 -- Twitter's iconic blue bird logo has been replaced. Now, the Twitter website sports an 'X' as its logo. World's richest billionaire and Twitter CTO Elon Musk announced the change over the weekend. It's already live on the website.
What happened
In a tweet from early Sunday morning, Musk wrote that "soon we shall bid adieu to...
MOVEit breaches affect supply chain partners
Jul 21 – News about the MOVEit transfer vulnerability began to pour in just after the long U.S. Memorial Day holiday this year. Numerous corporate groups and federal agencies were breached amidst the incident, with data stolen. Now, analysts report that corresponding breach fallout is affecting companies that don’t even use the file sharing product.
Although awareness of...
U.S. rolls out new IoT labeling program
Jul 19 – In the U.S., government officials have launched a much-awaited Internet of Things (IoT) cyber security labeling program, which is intended to protect Americans from the security and data privacy risks associated with internet-connected devices.
Named “U.S. Cyber Trust Mark,” the program aims to help Americans ensure that they purchase IoT devices that have strong cyber...
Generative AI WormGPT: Black hat capabilities
Jul 17 -- Cyber criminals are now developing generative AI tools that function similarly to ChatGPT and that are easy to use for nefarious purposes. In addition to creating these tools, cyber criminals are also advertising them to criminal colleagues and peers.
One of these tools is known as WormGPT. The tool styles itself as a black hat...
New U.S. Cyber Security Strategy Emphasizes Resilience
Jul 14 – In Washington D.C., White House officials have published implementation plans pertaining to a new National Cybersecurity Strategy, which aims to strengthen the software supply chain and to advance public-private partnerships.
Increasing the resilience of the market overall is a key focus. Efforts are underway to establish a long-term software liability framework and to reduce gaps...
Deepfake quantum AI investment scams
Jul 10 – Financial journalist and broadcaster Martin Lewis was recently impersonated in a deepfake video, which showed him promoting a fraudulent Quantum AI investment opportunity.
Lewis quickly took to the internet to explain that he was not behind the video. He also urged the government to take action to protect people from these types of scams.
“This is...
New malware hits U.S. and Canadian firms
Jul 7 – Cyber attackers are now using new Truebot malware variants to execute attacks against organizations in the U.S. and Canada, multiple cyber security agencies have warned. Attackers are stealing data from victims for financial gain.
According to the Cybersecurity and Infrastructure Security Agency (CISA), along with the Canadian Centre for Cyber Security and the Multi-State Information...
Major shipping port suffers ransomware attack
Jul 5 – On Tuesday, Japan's largest maritime port was hit by a cyber attack, resulting in shipment delays and disrupted regional business operations.
Specifically, the ransomware created a temporary outage of a Port of Nagoya container terminal. According to authorities, operations are expected to resume on Thursday at 8:30 a.m. local time.
As an increasing number of ports...
CISA warns of DDoS attacks
June 30 – Just ahead of the U.S. holiday weekend, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of ongoing distributed denial-of-service (DDoS) attacks.
Organizations across numerous industry sectors have been hit. All U.S. organizations are advised to take proactive measures to ensure that security teams are prepared to subdue the effects of such attacks.
Preparing for...
This technique could help malware evade detection
June 28 – According to cyber security experts, a new process injection technique dubbed “Mockingjay” could be exploited by threat actors to bypass security solutions. In so doing, hackers could execute malicious code on corporate systems.
The injection is executed without space allocation, setting permissions or starting a thread, said researchers. This technique requires a vulnerable DLL and copying...
Suncor Energy, cyber security incident
June 26 – Over the weekend, Suncor Energy experienced a “cyber incident” that has rendered numerous Petro-Canada gas stations unable to process credit cards or debit cards. The incident has forced the enterprises to become cash-only.
On Sunday, Suncor stated that it was partnering with third-party experts to investigate and address the issue. “At this time, we are...
Google announces cyber security clinics
June 23 – In the U.S. and around the world, free medical clinics and legal aid clinics, where university students assist the local community while learning about professional opportunities in the field, are now relatively commonplace. Google aims to add cyber security clinics to the list.
On Thursday, Google CEO Sundar Pichai pledged $20 million in funding to...
Zuckerberg accepts Musk’s challenge to a cage match
June 22 – In a cage match between Mark Zuckerberg and Elon Musk, who would win? If it sounds too crazy to think about, believe it or not, you might actually have the opportunity to see it play out. Maybe. Here's what happened on the internet this week...
The Wild Wild West
In Silicon Valley, world’s richest person and...
ChatGPT credentials for sale on dark web
June 20 – In the last year, more than 100,000 ChatGPT account credentials were compromised. The credentials are now on the dark web. White hat professionals discovered the credentials when exploring information stealer logs that are listed for sale through underground forums.
Last month, the number of available logs containing compromised ChatGPT credentials reached 26,802 – a number...
Russian hackers breach U.S. agencies
June 16th – Government officials are working quickly to reduce the impact of a global cyberattack affecting U.S. government agencies and their NATO allies.
The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that it is helping affected agencies.
How did the attack occur? Anne Neuberger, a deputy national security advisor for the National Security Council, explained that the...