Cyber Security
Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild.
Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn’t include the 25 additional flaws that the tech giant addressed in its Chromium-based
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic.
The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise (BEC) attacks, which ultimately result
Ex-Uber CISO Requests a New, ‘Fair’ Trial
Attorneys for Joseph Sullivan argue the jury didn’t hear essential facts of the case during the original trial and that his conviction must be overturned.
Read MoreFBI Shuts Down Dispossessor Ransomware Group’s Servers Across U.S., U.K., and Germany
The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar).
The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Dispossessor is said to be led by
X faces GDPR complaints for unauthorized use of data for AI training
European privacy advocate NOYB (None of Your Business) has filed nine GDPR complaints about X using the personal data from over 60 million users in Europe to train “Grok,” the social media company’s large language model. […]
Read MoreCrowdStrike Tries to Patch Things Up With Cybersecurity Industry
Both CrowdStrike president and CEO were at Black Hat and DEF CON to face direct questions from customers and cybersecurity professionals.
Read MoreUN Approves Cybercrime Treaty Despite Major Tech, Privacy Concerns
The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others.
Read MoreAustralian gold producer Evolution Mining hit by ransomware
Evolution Mining has informed that it has been targeted by a ransomware attack on August 8, 2024, which impacted its IT systems. […]
Read MoreCriminal IP and Maltego Join Forces for Enhanced Cyber Threat Search
AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego’s unified user interface and is available on the Maltego’s marketplace, […]
Read MoreNew Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.
“The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data