"86% Of Cyberattacks Are Delivered Over Encrypted Channels"

"86% Of Cyberattacks Are Delivered Over Encrypted Channels"

According to Zscaler, threats over HTTPS have increased by 24 percent since 2022, highlighting the sophistication of cybercriminal tactics that target encrypted channels. Manufacturing was the most commonly targeted industry for the second year in a row, with education and government organizations experiencing the most significant year-over-year increase in attacks. In addition, malware, including malicious web content and malware payloads, continued to conquer other types of encrypted attacks.

Submitted by Gregory Rigby on

33rd International Conference on Computer Communications and Networks (ICCCN 2024)

"ICCCN is one of the leading international conferences for presenting novel ideas and fundamental advances in the fields of computer communications and networks. ICCCN serves to foster communication among researchers and practitioners with a common interest in improving communications and networking through scientific and technological innovation. The primary focus of the conference is on new and original research results in the areas of design, implementation, and applications of computer communications and networks."

"Ubisoft Says It's Investigating Reports of a New Security Breach"

"Ubisoft Says It's Investigating Reports of a New Security Breach"

Ubisoft just started investigating whether it suffered a breach after images of the company's internal software and developer tools were leaked online.  Ubisoft is a French video game publisher known for well-known titles, including Assassin's Creed, FarCry, Tom Clancy's Rainbow Six Siege, and the new Avatar: Frontiers of Pandora.  Security researchers at VX-Underground say an unknown threat actor told them they breached Ubisoft on December 20th.  Once inside the company's systems, the unknown threat actor said they planned to exfiltrate around 900GB of data.

Submitted by Adam Ekwall on

"Europol warns 443 online shops infected with credit card stealers"

"Europol warns 443 online shops infected with credit card stealers"

Europol has recently notified over 400 websites that their online shops have been hacked with malicious scripts that steal debit and credit cards from customers making purchases.  Skimmers are small snippets of JavaScript code added to checkout pages or loaded from a remote resource to evade detection.  Europol noted that they are designed to intercept and steal payment card numbers, expiration dates, verification numbers, names, and shipping addresses and then upload the information to the attackers' servers.

Submitted by Adam Ekwall on

"SMS Scams Set to Peak on Saturday in UK"

"SMS Scams Set to Peak on Saturday in UK"

UK telco EE has recently warned customers they could be deluged with millions of scam SMS messages on December 23 as fraudsters look to capitalize on last-minute Christmas shopping.  The mobile operator claimed that the equivalent day last year saw it block three million text message scams (aka “smishing”), the highest daily number in 2022.  The copany warned that this year the figure could reach as high as five million.

Submitted by Adam Ekwall on

"Inmate, Staff Information Stolen in Rhode Island Prison Data Breach"

"Inmate, Staff Information Stolen in Rhode Island Prison Data Breach"

The Donald W. Wyatt Detention Facility in Rhode Island has recently disclosed a data breach impacting the personal information of roughly 2,000 inmates, staff, and vendors.  According to the correctional facility, the incident occurred in November, involving malware being deployed on its computer systems and data theft.  It was noted that the investigation into the matter revealed that the attackers compromised the personal information of more than 1,450 detainees, over 430 current and former staff members, and roughly 90 outside vendors.

Submitted by Adam Ekwall on

"NIST Releases 2 Draft Guides to Prepare for Post-Quantum Migration"

"NIST Releases 2 Draft Guides to Prepare for Post-Quantum Migration"

The National Institute of Standards and Technology (NIST) released two draft publications aimed at helping organizations transition from traditional encryption schemes to ones that can withstand attacks from a potential quantum computer. NIST opens the documents up for public comment as the agency ushers in the next era of cybersecurity.

Submitted by Gregory Rigby on

"New Phishing Campaign Steals Instagram Backup Codes"

"New Phishing Campaign Steals Instagram Backup Codes"

Trustwave researchers have detailed a new phishing method that aims to bypass Instagram accounts' two-step verification. A misleading email message and login page lead users to reveal their credentials and a temporary six-digit backup code. The phishing method involves sending an email purporting to be from Instagram's parent company, Meta. It informs users that their account may have violated copyrights. To prevent losing their account, the user is prompted to log in within 12 hours using a specific link.

Submitted by Gregory Rigby on

"The Impact of Prompt Injection in LLM Agents"

"The Impact of Prompt Injection in LLM Agents"

Prompt injection is an unresolved issue that poses a significant threat to the integrity of Large Language Models (LLMs). This threat is heightened when LLMs are transformed into agents that interact directly with the outside world, using tools to retrieve data or carry out actions. Prompt injection techniques can be used by malicious actors to produce unintended and potentially harmful output by distorting LLMs' reality.

Submitted by Gregory Rigby on

"Group-IB Warns of Surge in Fake Delivery Sites in the Lead-up to Christmas"

"Group-IB Warns of Surge in Fake Delivery Sites in the Lead-up to Christmas"

A new Group-IB report warns of an increase in fake delivery websites. Group-IB's Computer Emergency Response Team (CERT-GIB) identified 587 fake postal resources in the first ten days of December, 34 percent more than in the last ten days of November. CERT-GIB has identified 1,539 phishing websites impersonating postal operators and delivery companies since the beginning of November.

Submitted by Gregory Rigby on
Subscribe to