News
-
"Apple Releases First-Ever Security Updates for Beats, AirPods Headphones"Apple has recently released the first-ever security updates for its Beats and AirPods products to patch a vulnerability that can be exploited to gain access to headphones through a Bluetooth attack. The flaw is tracked as CVE-2023-27964, and it was…
-
"UCSB to Lead NSF-Funded Research Institute for Next-Level AI-Powered Cybersecurity"The Institute for Agent-based Cyber Threat Intelligence and Operation (ACTION), funded by the National Science Foundation (NSF), is composed of the top US computer scientists and engineers. It combines the continuous learning and reasoning of Artificial…
-
"OSU Research Shows How Hackers Can Target Smart Meters to Destabilize Electricity Grid"Researchers from the Oregon State University (OSU) College of Engineering have demonstrated that hackers can destabilize a power transmission grid by manipulating smart meters to cause an oscillation in electricity demand. A smart meter is a digital…
-
"AMD TPM Exploit: faulTPM Attack Defeats BitLocker and TPM-Based Security"A newly published paper by security researchers at the Technical University of Berlin reveals that AMD's firmware-based Trusted Platform Module (fTPM/TPM) can be fully compromised using a voltage fault injection attack, allowing full access to the…
-
"US Authorities Dismantle Dark Web Card Checking Platform"The US government recently claimed it had dismantled another popular cybercrime service after unsealing a four-count indictment against its alleged Russian operator. Try2Check played a vital role in the online fraud supply chain by enabling…
-
"Meta Expunges Multiple APT, Cybercrime Groups From Facebook, Instagram"Meta, the parent company of Facebook, announced that it thwarted the activities of three Advanced Persistent Threat (APT) groups in South Asia engaged in cyber espionage and six adversarial groups from different global regions involved in "inauthentic…
-
"ChatGPT and Other AI-Themed Lures Used to Deliver Malicious Software"According to Check Point researchers, from the beginning of 2023 until the end of April, one out of every 25 newly created domains related to ChatGPT or OpenAI was malicious or potentially malicious. In addition, Meta has stated that, since March 2023,…
-
"Hackers Start Using Double DLL Sideloading To Evade Detection"An Advanced Persistent Threat (APT) group known as Dragon Breath, Golden Eye Dog, or APT-Q-27 demonstrates a new trend of evading detection by using multiple complex variations of the classic DLL sideloading technique. These attacks begin with an initial…
-
"Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics"After more than six months of inactivity, the Chinese state-sponsored cyber group Earth Longzhi has reemerged with a new campaign targeting government, healthcare, technology, and manufacturing entities in Taiwan, Thailand, the Philippines, and Fiji.…
-
"Chrome 113 Released With 15 Security Patches"Google recently announced the release of Chrome 113 to the stable channel with 15 security fixes, including patches for 10 vulnerabilities reported by external researchers. The latest Chrome update only resolves medium and low severity flaws.…
-
"Netgear Vulnerabilities Lead to Credentials Leak, Privilege Escalation"Security researchers at Flashpoint have discovered that vulnerabilities in Netgear's NMS300 ProSAFE network management system allow attackers to retrieve cleartext credentials and escalate privileges. The tool provides users with a web-based…
-
"Three-Quarters of Firms Predict Breach in Coming Year"According to new research by Trend Micro, most global organizations anticipate suffering a data breach or cyberattack in the next 12 months. The security vendor’s Cyber Risk Index (CRI), compiled every six months, was compiled from interviews…