News
-
"Dark Web ChatGPT Unleashed: Meet DarkBERT"The snowball effect caused by Large Language Models (LLMs) such as ChatGPT is still in the early stages. Combined with the open-sourcing of other Generative Pre-Trained Transformer (GPT) models, the number of Artificial Intelligence (AI)-based…
-
"FTC to Crack Down on Biometric Tech, Health App Data Privacy Violations"The Federal Trade Commission (FTC) plans to update its Health Breach Notification Rule (HBNR) to clarify language regarding security breaches, user consent, and other functions, which will result in stricter enforcement for developers of consumer-driven…
-
"Google Debuts Quality Ratings for Security Bug Disclosures"Google and Android announced recently that they will now assess device vulnerability disclosure reports based on the level of information that bug hunters provide in order to encourage more comprehensive submissions. According to Google,…
-
"Apple Patches 3 Exploited WebKit Zero-Day Vulnerabilities"Apple recently released security updates for its operating systems to patch dozens of vulnerabilities that could expose iPhones and Macs to hacker attacks, including three zero-days affecting the WebKit browser engine. Two of the actively exploited…
-
"Satellite Signal Jamming Reaches New Lows: Starlink and Other LEO Constellations Face a New Set of Security Risks"Before Russia invaded Ukraine, Russian hackers knocked out Viasat satellite ground receivers across Europe. Elon Musk then offered access to Starlink, SpaceX's network of low Earth orbit (LEO) communications satellites. However, Musk reported shortly…
-
"Experts Warn of Voice Cloning-as-a-Service"Security researchers at Recorded Future warn that threat actors are gaining significant interest in voice cloning-as-a-service (VCaaS) offerings on the dark web, designed to streamline deepfake-based fraud. The researchers noted that deepfake audio…
-
"Teen Hacker Charged in Scheme to Siphon Funds From Sports Betting Accounts"An 18-year-old has been charged for allegedly hacking and selling access to thousands of online sports betting accounts. Joseph Garrison of Madison, Wisconsin, who is accused of masterminding the credential stuffing scheme, is facing criminal charges.…
-
"Popular Android TV Boxes Sold on Amazon Are Laced With Malware"AllWinner and RockChip are China-based companies that power several popular Android TV boxes sold on Amazon. These Android-powered TV set-top boxes are typically inexpensive and highly customizable, incorporating multiple streaming services into a single…
-
"Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware"As part of a BATLOADER campaign designed to distribute the RedLine Stealer malware, malicious Google Search ads for generative Artificial Intelligence (AI) services such as OpenAI ChatGPT and Midjourney are being used to direct users to questionable…
-
"Once Again, Malware Discovered in npm"Two code packages named "nodejs-encrypt-agent" were recently discovered to contain the open-source information-stealing malware TurkoRat in the popular npm JavaScript library and registry. The malware-containing packages were discovered by ReversingLabs…
-
"Inadequate Tools Leave Appsec Fighting an Uphill Battle for Cloud Security"According to Backslash Security, AppSec teams are struggling to keep up with the increasingly rapid and agile development pace, and playing security defense through a continuous and unproductive vulnerability hunt. Fifty-eight percent of respondents…
-
"Hackers Target Vulnerable WordPress Elementor Plugin After PoC Released"In massive Internet scans, hackers are actively searching for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in an attempt to exploit a recently disclosed critical account password reset vulnerability. The…