The national association for amateur radio American Radio Relay League (ARRL) recently revealed that it paid out a $1 million ransom after a disruptive May 2024 ransomware attack.  The attack occurred on May 15 and resulted in multiple systems within ARRL’s internal network being encrypted, including desktops, laptops, and Windows and Linux servers.

Texas Dow Employees Credit Union (TDECU) started notifying over 500,000 individuals that their personal information was compromised in the MOVEit campaign last year.  Conducted by the Russian-speaking Cl0p ransomware group, the hack came to light on May 31, 2023, when Progress Software warned that hackers had exploited a zero-day in the MOVEit Transfer managed file transfer (MFT) software, tracked as CVE-2023-34362, to access customer data.

MIT researchers have proposed a way to make a smaller, more noise-tolerant quantum factoring circuit for cryptography. Quantum computers are expected to quickly break complex cryptographic systems that classical computers cannot, a promise based on a quantum factoring algorithm proposed by MIT professor Peter Shor in 1994. Although researchers have made progress in the last 30 years, they have yet to build a quantum computer that is powerful enough to run Shor's algorithm.

The 33rd USENIX Security Symposium awarded CyLab researchers Matt Fredrikson and Bryan Parno prestigious "Test of Time" awards for papers that have significantly impacted their fields. Fredrikson received the USENIX Security Test of Time Award for his co-authored paper titled "Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing," which initiated the study of privacy in pharmacogenetics.

After breaching a target's network, "Qilin," the ransomware group suspected to have been behind the recent Synnovis attack, stole credentials stored in Google Chrome. According to researchers at Sophos X-Ops who detected the activity, this is an unusual tactic for ransomware groups as Qilin not only conducted an extortion attack but also carried out a credentials-harvesting scheme. This article continues to discuss Qilin's theft of credentials stored in Google Chrome.

Researchers have discovered a new macOS malware strain called "TodoSwift" that resembles the known malicious software used by North Korean hacking groups. According to Kandji security researcher Christopher Lopez, TodoSwift behaves similarly to malware originating in North Korea (DPRK), such as "KANDYKORN" and "RustBucket." This article continues to discuss findings regarding the TodoSwift macOS malware.

THN reports "New macOS Malware TodoSwift Linked to North Korean Hacking Groups"

US oil giant Halliburton recently confirmed its computer systems were hit by a cyberattack that continues to affect operations at its Houston, Texas, offices.  Halliburton, considered the world’s second largest oil service company, has engaged with external experts to investigate and mitigate the threat.  The company noted that the investigation into the incident is still ongoing, and more information will be provided in the future.  Halliburton employs about 55,000 through hundreds of subsidiaries, affiliates, and brands in more than 70 countries.

Lakera reports that 95 percent of cybersecurity experts have low confidence in Generative Artificial Intelligence (GenAI) security. In addition, red team data suggests that anyone can easily hack GenAI models. Anyone can use GenAI-specific prompt attacks to manipulate the models, gain unauthorized access, steal confidential data, and more. This article continues to discuss key findings from Lakera's "2024 GenAI Security Readiness Report."

Help Net Security reports "GenAI Models Are Easily Compromised"