"Qilin Caught Red-Handed Stealing Credentials in Google Chrome"

After breaching a target's network, "Qilin," the ransomware group suspected to have been behind the recent Synnovis attack, stole credentials stored in Google Chrome. According to researchers at Sophos X-Ops who detected the activity, this is an unusual tactic for ransomware groups as Qilin not only conducted an extortion attack but also carried out a credentials-harvesting scheme. This article continues to discuss Qilin's theft of credentials stored in Google Chrome.

Submitted by Gregory Rigby on

30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining

"The annual ACM SIGKDD conference is the premier international forum for data mining researchers and practitioners from academia, industry, and government to share their ideas, research results and experiences. The KDD conferences feature keynote presentations, oral paper presentations, poster sessions, workshops, tutorials, panels, exhibits, demonstrations, and the KDD Cup competition."

Topics of interest include, but are not limited to, security and privacy.

"New macOS Malware TodoSwift Linked to North Korean Hacking Groups"

Researchers have discovered a new macOS malware strain called "TodoSwift" that resembles the known malicious software used by North Korean hacking groups. According to Kandji security researcher Christopher Lopez, TodoSwift behaves similarly to malware originating in North Korea (DPRK), such as "KANDYKORN" and "RustBucket." This article continues to discuss findings regarding the TodoSwift macOS malware.

THN reports "New macOS Malware TodoSwift Linked to North Korean Hacking Groups"

Submitted by Gregory Rigby on

26th International Symposium on Principles and Practice of Declarative Programming (PPDP 2024)

"The PPDP 2024 symposium brings together researchers from the declarative programming communities, including those working in the functional, logic, answer-set, and constraint handling programming paradigms. The goal is to stimulate research in the use of logical formalisms and methods for analyzing, performing, specifying, and reasoning about computations, including mechanisms for concurrency, security, static analysis, and verification."

"Oil Giant Halliburton Confirms Cyber Incident, Details Scarce"

US oil giant Halliburton recently confirmed its computer systems were hit by a cyberattack that continues to affect operations at its Houston, Texas, offices. Halliburton, considered the world’s second-largest oil service company, has engaged with external experts to investigate and mitigate the threat. The company noted that the investigation into the incident is still ongoing, and more information will be provided in the future. Halliburton employs about 55,000 through hundreds of subsidiaries, affiliates, and brands in more than 70 countries.

Submitted by Adam Ekwall on

"GenAI Models Are Easily Compromised"

Lakera reports that 95 percent of cybersecurity experts have low confidence in Generative Artificial Intelligence (GenAI) security. In addition, red team data suggests that anyone can easily hack GenAI models. Anyone can use GenAI-specific prompt attacks to manipulate the models, gain unauthorized access, steal confidential data, and more. This article continues to discuss key findings from Lakera's "2024 GenAI Security Readiness Report."

Help Net Security reports "GenAI Models Are Easily Compromised"

Submitted by Gregory Rigby on

2024 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

"This conference aims to provide a forum for researchers and practitioners from academia, industry, government institutions, and regulators with background in communications, energy, control, signal processing, analytics and information systems to exchange ideas, explore enabling technologies and share experiences related to smart grids."

Topics of interest include, but are not limited to, security and privacy.

"NSA Joins Allies in Releasing Best Practices for Event Logging"

The National Security Agency (NSA), together with the Australian Signals Directorate's Australian Cyber Security Centre (ASD ACSC) and international co-authors, has released a Cybersecurity Information Sheet (CSI) titled "Best Practices for Event Logging and Threat Detection." The new CSI aims to help protect against malicious actors using Living off the Land (LOTL) techniques. It delves into best practices for event logging and threat detection in cloud services, enterprise networks, mobile devices, and Operational Technology (OT) networks.

Submitted by Gregory Rigby on

"Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data"

Researchers at Tenable have exploited a vulnerability in Microsoft's Copilot Studio tool to make external HTTP requests that could access sensitive information on internal services within a cloud environment, potentially affecting multiple tenants. The researchers found and exploited a Server-Side Request Forgery (SSRF) vulnerability in the chatbot creation tool. The exploitation of this flaw allowed them to access Microsoft's internal infrastructure, including the Instance Metadata Service (IMDS) and internal Cosmos DB instances.

Submitted by Gregory Rigby on