According to researchers at Tenable, the popular logging utility Fluent Bit, which several major companies use, has a critical vulnerability that could enable Denial-of-Service (DoS) attacks, information disclosure, and Remote Code Execution (RCE). Fluent Bit is an open source data collector and processor that can handle large amounts of log data from various sources. With billions of downloads, the tool is deployed over 10 million times daily. Microsoft, Google Cloud, AWS, Cisco, LinkedIn, VMware, Splunk, Intel, Arm, and Adobe use it.

A new version of "BiBi Wiper" malware deletes the disk partition table, making data restoration harder and prolonging victim downtime. BiBi Wiper attacks on Israel and Albania are linked to "Void Manticore," also tracked as Storm-842, an Iranian hacking group suspected of being affiliated with Iran's Ministry of Intelligence and Security (MOIS). Security Joes discovered BiBi Wiper in October 2023, and Israel's CERT warned in November 2023 of large-scale offensive cyber operations involving it against critical organizations.

IBM X-Force warns of a new "Grandoreiro" banking Trojan campaign. After a January law enforcement takedown, the Grandoreiro banking Trojan operators resumed operations. The recent campaign targeted more than 1,500 banks in over 60 countries in Central and South America, Africa, Europe, and the Indo-Pacific. Grandoreiro, a modular backdoor, is capable of keylogging, command execution, imitating mouse movements, and more. This article continues to discuss findings regarding the new Grandoreiro banking Trojan campaign.

Four popular generative Artificial Intelligence (AI) chatbots are vulnerable to basic jailbreak attempts, according to UK AI Safety Institute (AISI) researchers. The UK AISI conducted tests to assess cyber risks associated with these AI models. They were found to be vulnerable to basic jailbreak techniques, with the models producing harmful responses in 90 percent to 100 percent of cases when the researchers repeated the same attack patterns five times in a row.

The American Radio Relay League (ARRL) has recently been targeted in a cyberattack that resulted in service disruptions and possibly a data breach. The ARRL is the United States’ national association for amateur radio. The ARRL says it has 100 full-time and part-time staff members, and roughly 160,000 members. The ARRL informed members on Thursday, May 16, that it had been in the process of responding to a “serious incident” involving access to its network and headquarter systems.

The Department of Justice (DoJ) recently announced charges, seizures, arrests, and rewards as part of an effort to disrupt a scheme in which North Korean IT workers infiltrated hundreds of companies and earned millions of dollars for North Korea. According to the DoJ, North Korea has dispatched thousands of skilled IT workers around the world. These workers stole the identities of people living in the United States and leveraged them to get jobs at more than 300 companies.

A team of experts, including researchers from Monash University, have developed a method for implementing quantum-safe digital signatures significantly faster, making online transactions quicker and safer. The study developed a much faster way to implement Falcon, a post-quantum digital signature scheme, for Graphic Processing Units (GPUs).

A new paper led by UC Santa Cruz researchers explores two pieces of malware that attempted to cause blackouts in Ukraine. The paper presents the first study of how the "Industroyer One" and "Industroyer Two" malware attacks operated and interacted with physical power system equipment. The Five Eyes intelligence alliance, including Australia, Canada, New Zealand, the UK, and the US, attributed both attacks to Russia's military intelligence agency, the GRU. This article continues to discuss the study of the Industroyer attacks.