News
-
"Malicious Actors Manipulating Photos and Videos to Create Explicit 'Deepfake' Content and Sextortion Schemes"The FBI is warning the public about malicious actors creating synthetic content, commonly known as "deepfakes," through the manipulation of harmless photographs or videos in order to target victims. Artificial Intelligence (AI)-enabled content creation…
-
"New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency"A new malware campaign uses the Satacom downloader as a channel for distributing stealthy malware that can steal cryptocurrency via a malicious browser extension for Chromium-based browsers. The malware dropped by the Satacom downloader primarily aims to…
-
"Dissecting the Dark Web Supply Chain: Stealer Logs in Context"Stealer logs are one of the main threat vectors for today's companies, but many security teams continue to focus on leaked credentials and are unaware of the significant threat posed by devices infected with infostealer malware. There are numerous…
-
"High-Risk Vulnerabilities Patched in ABB Aspect Building Management System"Prism Infosec discovered two high-risk vulnerabilities in ABB's Aspect Control Engine Building Management System (BMS). Users can monitor a building's performance with ABB's Aspect BMS, which combines real-time integrated control, supervision, data…
-
"US Aerospace Contractor Hacked With 'PowerDrop' Backdoor"Hackers using native Windows tools infected at least one US defense contractor with a novel backdoor, potentially paving the way for further malware implantation or worse. In a June 6 report, Adlumin researchers dubbed the backdoor "PowerDrop," after a "…
-
"Amid Volumes of Mobile Location Data, New Framework Reduces Consumers' Privacy Risk, Preserves Advertisers' Utility"The use of mobile technologies to collect and analyze location information on individuals has generated large amounts of consumer location data, further supporting a complex multibillion-dollar system in which consumers can exchange personal data for…
-
"OWASP Lists 10 Most Critical Large Language Model Vulnerabilities"The Open Worldwide Application Security Project (OWASP) has released a list of the top 10 most critical vulnerabilities commonly found in Large Language Model (LLM) applications, emphasizing their potential impact, exploitability, and prevalence. The…
-
"Informing and Inspiring the Next Generation of Cyber Talent Through Competition"US Cyber Games kicked off the competition to identify and select the Season III US Cyber Team last week. Over the next few months, athletes aged 18 to 24 will participate in events that will culminate with the selection of the top cyber athletes in…
-
"NASA Website Flaw Jeopardizes Astrobiology Fans"A vulnerability in NASA's astrobiology website could have led users to malicious websites by masking a dangerous URL with NASA's name. The Cybernews research team independently found an open redirect vulnerability impacting NASA's astrobiology website.…
-
"Exploitation of Vulnerabilities Have Soared, Unit 42 Report Finds"Security researchers at Palo Alto Networks' Unit 42 discovered that the number of vulnerabilities exploited in 2022 has grown by 55% compared to 2021. The researchers noted that Linux malware emerged as a growing concern last year, particularly…
-
"$10.3 Billion in Cyber Crime Losses Shatters Previous Totals"The most recent FBI Internet Crime Report details over 800,000 cybercrime-related complaints filed in 2022. According to the report, total losses exceeded $10 billion, surpassing the $6.9 billion total for 2021, as reported by the FBI's Internet Crime…
-
"NSA and Co-Authors Recommend Best Practices to Secure Remote Access Software"Cybercriminals are using legitimate remote access software to gain access to victims' systems, blend in with regular network activity, and bypass detection. The National Security Agency (NSA), together with co-authors, released the "Guide to Securing…