"Mastercard Doubles Speed of Fraud Detection with Generative AI"

"Mastercard Doubles Speed of Fraud Detection with Generative AI"

Mastercard has recently announced it is deploying generative AI technology to enhance its fraud detection capabilities. The company said that generative AI enables it to double the speed at which it can detect potentially compromised cards, allowing banks to block them far faster. The company noted that the new technology it developed can scan transaction data across billions of cards and millions of merchants "at faster rates than previously imaginable." It better predicts the full card details of compromised cards on its network, alerting Mastercard to new, complex fraud patterns.

Submitted by Adam Ekwall on

"OmniVision Says Personal Information Stolen in Ransomware Attack"

"OmniVision Says Personal Information Stolen in Ransomware Attack"

Semiconductor manufacturing giant OmniVision Technologies has recently disclosed a data breach following a ransomware attack it suffered in September 2023. The company said that the incident was discovered on September 30, 2023, after certain systems were encrypted by malware. The investigation was completed on April 3, 2024, and it was determined that, between September 4 and September 30, the attackers stole personal information from certain OmniVision systems.

Submitted by Adam Ekwall on

"Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor"

"Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor"

The Russian-linked "Turla" Advanced Persistent Threat (APT) group has been using PDF and MSBuild project files to deliver the "TinyTurla" backdoor as a fileless payload. Researchers consider the campaign's seamless delivery a sophisticated advancement. Cyble Research and Intelligence Labs (CRIL) found the campaign, which uses emails with documents offering human rights seminar invitations or public advisories to infect users with TinyTurla. To lure victims, attackers also impersonate legitimate authorities.

Submitted by Gregory Rigby on

"YouTube Has Become a Significant Channel for Cybercrime"

"YouTube Has Become a Significant Channel for Cybercrime"

YouTube has become a major cybercrime channel, with telemetry from Avast showing that 4 million users were protected against YouTube threats in 2023 and 500,000 in January-March 2024. Automated advertising systems and user-generated content allow cybercriminals to bypass security, making YouTube a powerful phishing and malware channel. Credential stealers, phishing landing pages, and malicious software disguised as legitimate software or updates are notable threats on YouTube.

Submitted by Gregory Rigby on

"EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems"

"EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems"

The US Environmental Protection Agency (EPA) released an alert highlighting cyber-protection measures for drinking water systems. Since September 2023, EPA inspections have found that over 70 percent of water systems violate the Safe Drinking Water Act. Some systems were found to contain critical cyber vulnerabilities, including those caused by default passwords and authentication systems that can be compromised. The agency has detailed how drinking water system operators can protect their assets.

Submitted by Gregory Rigby on

"GitHub Warns of SAML Auth Bypass Flaw in Enterprise Server"

"GitHub Warns of SAML Auth Bypass Flaw in Enterprise Server"

GitHub fixed a maximum severity authentication bypass vulnerability that affects GitHub Enterprise Server (GHES) instances using SAML Single Sign-On (SSO) authentication. An attacker could forge a SAML response and gain administrator privileges, enabling unrestricted access to the instance's contents without authentication. GHES is a self-hosted alternative that caters to the needs of organizations that would rather store repositories on private cloud environments or their own servers.

Submitted by Gregory Rigby on

"Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"

"Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users"

"CLOUD#REVERSER," a new attack campaign, uses Google Drive and Dropbox to stage malicious payloads. Securonix researchers said the CLOUD#REVERSER's VBScript and PowerShell scripts use Google Drive and Dropbox as staging platforms for managing file uploads and downloads. The scripts fetch files matching certain patterns, which suggests they are waiting for commands and scripts in Google Drive or Dropbox. A phishing email with a ZIP archive file containing a Microsoft Excel file-looking executable starts the attack chain.

Submitted by Gregory Rigby on