Threat actors are using compromised Facebook business accounts to run malicious ads that involve inappropriate images as lures to trick victims into downloading an updated version of NodeStealer malware. Clicking on the ads downloads an archive containing a malicious .exe 'Photo Album' file that drops a second executable written in .NET. According to Bitdefender, this payload steals browser cookies and passwords. Meta first disclosed NodeStealer in May 2023 as a JavaScript malware designed to facilitate the hijacking of Facebook accounts.

Popular messaging and calling apps may reveal a user's IP address to the person on the other end of a call. Most chat apps use peer-to-peer connections by default, which means the user and the person they are talking to connect directly to each other in order to improve call quality. This is not necessarily a significant risk, but experts say it is unclear whether users are aware of this potential privacy issue or how calls over popular messaging apps like Telegram, Signal, WhatsApp, Facebook Messenger, Apple's FaceTime, Viber, Snapchat, and Threema work.

Many cyberattacks on the transportation industry have resulted in the theft of personal data from companies such as Ferrari, Toyota, and Tesla. According to an Upstream 2023 report, data breaches account for 37 percent of cybersecurity automotive incidents, with backend server attacks accounting for 40 percent of incidents. Transportation industry leaders must respond to these trends by conducting internal assessments of existing cybersecurity strategies to ensure preparedness and quick recovery times in the event of a breach.

The BlackCat/ALPHV ransomware gang claims to have breached Henry Schein's network and stolen data, including payroll and shareholder information. Henry Schein is a healthcare solutions provider with operations and affiliates in 32 countries and an estimated revenue of more than $12 billion. On October 15, the company disclosed that it was forced to take some systems offline in order to contain a cyberattack that had impacted its manufacturing and distribution businesses the day before.

Security researchers at Zscaler ThreatLabz recently discovered the malware BunnyLoader. Hackers record keyboard activity and take over the clipboard on devices where the malware is launched. It can steal browser data and system information, with cryptocurrency wallets also being at risk. All the information collected by the malware in the background is delivered to the hackers via a ZIP archive. Stolen information can be related to credit card data, passwords, downloads, credentials from Virtual Private Network (VPN) services, chat apps, and cryptocurrency wallets.

Attackers are distributing spyware that stealthily collects private data from WhatsApp users on Android devices through the same mods previously discovered for the Telegram service. They counted 340,000 attempts to distribute the spyware via the WhatsApp mod. They believe the actual number of attempted attacks is higher due to the nature of the distribution channel. Although the attack affected users globally, Azerbaijan accounted for 46 percent of the victims. Other countries with a high number of victims include Yemen, Saudi Arabia, Egypt, and Turkey.

Fully Homomorphic Encryption (FHE) enables computation on encrypted data, or ciphertext, to maintain data protection at all times. It allows the use of untrusted networks and improves data privacy. FHE is a sophisticated cryptographic method considered the "holy grail of encryption," as it allows users to process encrypted data while the data or models remain encrypted, guaranteeing data privacy throughout the data computation process.

The US Department of Commerce's National Institute of Standards and Technology (NIST) is seeking participants in a new consortium to support the development of innovative methods for assessing Artificial Intelligence (AI) systems in order to improve the safety and trustworthiness of the technology. This consortium is a key component of the new NIST-led US AI Safety Institute.

Rapid7 cybersecurity researchers have issued a warning regarding the potential exploitation of a recently disclosed critical vulnerability in the Apache ActiveMQ, tracked as CVE-2023-46604, to launch the HelloKitty ransomware. Apache ActiveMQ is a Java-written open-source message broker software serving as a Message-Oriented Middleware (MOM) platform. ActiveMQ facilitates asynchronous communication and data exchange among various applications by providing messaging and communication capabilities.

New research on popular Artificial Intelligence (AI) image generators reveals that they could be hacked to create inappropriate and potentially harmful content. Although most online art generators claim to block violent, pornographic, and other forms of inappropriate content, Johns Hopkins University researchers were able to manipulate two of the most well-known systems to generate the type of images that the products' safeguards are supposed to prevent.