Herjan Security
b7ac607467d380da39561027a5bd00a900e99a56019f127db61f86a3c842efb6
[.] Nostrop stream of GenAI news and updates

Summary: Mac users are being targeted by a new malware called 'ClearFake' that is delivered through fake browser updates. This malware poses a significant risk to data security and privacy by stealing valuable credentials and files. The campaign uses smart contracts and relies on a dangerous social engineering technique. Organizations should use web protection tools to block these malicious threats.

Hashtags: #MacUsers #Malware #ClearFake #DataSecurity #Privacy

https://cybersecuritynews.com/clearfake-new-malware-mac/

Summary: The British Library has revealed that HR data was stolen and leaked in a recent ransomware breach. The breach involved internal HR files, but there is no evidence that user data was compromised. The group behind the attack, Rhysida, has reportedly put a starting price of 20 bitcoins on the stolen data. The British Library has advised users to change their passwords on other sites as a precautionary measure. CEO Camellia Chan emphasizes the need for a proactive approach to cybersecurity, especially for HR files which are prime targets for cybercriminals.

Hashtags: #BritishLibrary #RansomwareAttack #DataBreach #HRData #Cybersecurity #Rhysida #PasswordSecurity #Cybercrime #ProactiveApproach

https://www.infosecurity-magazine.com/news/british-library-ransomware-attack/

Citrix warns admins to kill active sessions to thwart hackers. #CyberSecurity #Vulnerability #Threats #DataBreaches #Citrix

https://cybersecuritynews.com/citrix-warns-kill-active/

Bug Hunter GPT is an AI assistant that replies to hacking questions. It is based on ChatGPT and provides answers without any irritating filters. #BugHunterGPT #AIAssistant #HackingQuestions

Bug Hunter GPT is a bug bounty hunters’ assistant that easily replies to any question related to hacking. #BugBounty #HackingQuestions

ChatGPT, which Bug Hunter GPT is based on, follows prompts for detailed responses and composes content similar to customer service chatbots. #ChatGPT #CustomerService

Bug Hunter GPT is designed to support ethical guidelines and does not provide assistance with any illegal activities, including hacking. #EthicalAI #NoIllegalActivities

https://cybersecuritynews.com/bug-hunter-gpt/

Hackers are exploiting a zero-day vulnerability in Windows SmartScreen. The vulnerability allows them to bypass SmartScreen's security warnings using a crafted Internet Shortcut File. Microsoft has released security patches to address this issue. The vulnerability is being actively exploited in the wild. #Hackers #WindowsSmartScreen #ZeroDay

https://cybersecuritynews.com/hackers-windows-smartscreen-zero-day/

North Korean hackers posed as job recruiters and seekers to carry out cyber attacks. Two ongoing campaigns, Contagious Interview and Wagemole, target job-seeking activities. In Contagious Interview, the threat actors pose as employers to trick developers into installing malware. In Wagemole, they seek unauthorized employment with US companies for espionage and financial gain. The threat actors impersonate potential employers in advertisements on job search networks and use online collaboration tools for interviews. They infect victims' systems with backdoor malware. Employers and job seekers should be cautious of remote work implications. #NorthKoreanHackers #CyberAttacks #JobRecruiters #JobSeekers

https://gbhackers.com/north-korean-posed-recruiters/

Windows Hello Fingerprint Authentication Bypassed: Researchers have discovered a way to bypass the fingerprint sensors used for Windows Hello on popular laptops. #WindowsHello #FingerprintAuthentication #Bypassed #LaptopSecurity

Researchers Bypass Windows Hello on Popular Laptops: Security researchers have successfully bypassed the Windows Hello fingerprint authentication feature on three popular laptop models. #WindowsHello #Bypassed #LaptopSecurity

Fingerprint Authentication Vulnerability on Windows Hello: Researchers have found a vulnerability in the Windows Hello fingerprint authentication system, allowing them to bypass the security feature on popular laptops. #WindowsHello #FingerprintAuthentication #Vulnerability

https://www.securityweek.com/windows-hello-fingerprint-authentication-bypassed-on-popular-laptops/

185,000 individuals impacted by MOVEit hack at Car Parts Giant AutoZone. Hashtags: #DataBreaches #Cybersecurity.

https://www.securityweek.com/185000-individuals-impacted-by-moveit-hack-at-car-parts-giant-autozone/

Researchers at Aqua Security have discovered a dangerous exposure of sensitive Kubernetes secrets. This poses a supply chain attack threat to hundreds of organizations and open-source projects. The researchers found encoded Kubernetes configuration secrets in public repositories, including those of SAP and two top blockchain companies. These secrets are vulnerable to attacks because they are often stored unencrypted. Aqua Security called attention to the severity of the issue, which affects both individuals and large organizations. The exposure of these secrets can lead to data breaches, supply chain attacks, and compromises in organizations' security. The Aqua team found that practitioners often neglect to remove secrets from files they commit to public repositories, leaving sensitive information exposed. #Kubernetes #Cybersecurity #SupplyChainAttack

https://www.securityweek.com/researchers-discover-dangerous-exposure-of-sensitive-kubernetes-secrets/

The space sector faces cyberattack threats from nation-states, making it crucial to know the origin of every component in a spacecraft. Supply chain security is highly relevant in the space sector due to the potential harm caused by attacks on spacecraft. The space sector's unique cybersecurity approach could benefit the wider industry. Cybersecurity professionals can learn from the space sector's use of detection and response techniques. Machine learning plays a crucial role in equipping spacecraft to handle cyber incidents. Understanding what is "normal" in your business is critical for fast response to cyberattacks. #SupplyChainSecurity #SpaceSector #Cybersecurity #NationStateAttacks #MachineLearning #CyberIncidents #Normalcy

https://www.infosecurity-magazine.com/news/supply-chain-security-space/

Employee policy violations account for 26% of cyber incidents, almost equal to the 20% caused by external hacking attempts. A study by Kaspersky revealed that intentional violations by employees, both in IT and non-IT roles, have a significant impact on cybersecurity. Weak passwords, visiting unsecured websites, and neglecting system updates are common employee behaviors that lead to incidents. Unsolicited services and devices also contribute to policy violations. The financial services sector reports 34% of incidents driven by personal gain. It is crucial to foster a culture of cybersecurity within organizations to address these issues.

#cybersecurity #employeepolicies #policyviolations #cyberincidents #ITsecurity

https://www.infosecurity-magazine.com/news/employee-violations-cause-26-cyber/

Flaw in Apache ActiveMQ exposes Linux systems to Kinsing malware. The vulnerability allows for remote code execution. Kinsing targets Linux-based systems and spreads through web application vulnerabilities. Active exploitation of the vulnerability has been reported. The Kinsing exploit utilizes the ProcessBuilder method to install cryptocurrency miners and malware. Users are urged to upgrade and apply the patch to mitigate the risks. #ApacheActiveMQ #Kinsingmalware #Linuxvulnerability

https://www.infosecurity-magazine.com/news/apache-activemq-flaw-exposes-linux/

Microsoft has launched the Defender Bounty Program, offering rewards up to $20,000 USD to incentivize researchers to identify security vulnerabilities in its Defender suite of products. The program aims to address potential security issues before exploitation. Researchers worldwide can participate to find vulnerabilities in Defender services and products. The program will expand to include more products under the Defender brand. The program has specific criteria for bounty awards and researchers need to submit their findings through the MSRC Researcher Portal. The program restricts its scope to technical flaws in designated Microsoft Online Services. #cybersecurity #cybersecuritynews #vulnerability

https://cybersecuritynews.com/microsoft-defender-bounty-program/

Hackers are exploiting 0-day RCE flaws to deploy Mirai malware. The Mirai botnet is used for large-scale DDoS attacks and can disrupt online services and cause internet outages. Akamai SIRT researchers have observed increased activity targeting a rare TCP port, indicating a potential zero-day exploit. Investigations have revealed specific manufacturers and vendors targeted by the hackers. The Mirai botnet activity is centered around the JenX variant. IOCs and malware samples have been identified. #Hackers #CyberAttack #Vulnerability #Malware #Mirai

https://cybersecuritynews.com/hackers-exploiting-0-day-rce-flaws/

Apple is adding manual authentication to iMessage. The feature is called Contact Key Verification and allows users to confirm the identity of the person they are messaging. It involves a short verification code that is shared verbally or through a phone call. The authentication process maintains privacy and encryption. #Apple #authentication #iPhone

https://www.schneier.com/blog/archives/2023/11/apple-to-add-manual-authentication-to-imessage.html

Europol launches OSINT taskforce to hunt for Russian war crimes. OSINT is used for intelligence gathering in military and cybersecurity. Russia's forces were exposed by the open source community before the invasion of Ukraine. The taskforce will be led by Dutch and German police with support from Europol. Russian threat actors are suspected of breaching the International Criminal Court.

https://www.infosecurity-magazine.com/news/europol-osint-taskforce-hunt/

Email security flaw found in the wild: Google's Threat Analysis Group (TAG) has discovered a zero-day vulnerability in the Zimbra Collaboration email server. This flaw has been exploited by four different groups to steal email data, user credentials, and authentication tokens. To protect against these exploits, users and organizations are advised to keep software up-to-date. #EmailSecurity #ZeroDay #ZimbraCollaboration

https://www.schneier.com/blog/archives/2023/11/email-security-flaw-found-in-the-wild.html

Canadian military and police personnel impacted by data breach at moving companies. The breach involved two third-party service providers, Brookfield Global Relocation Services (BGRS) and Sirva Canada. Personal and financial information of employees and personnel may have been compromised. The LockBit ransomware gang has claimed responsibility for the attack. Hashtags: #DataBreach #Cybersecurity #CanadianMilitary #Police #MovingCompanies #LockBit

https://www.securityweek.com/canadian-military-police-impacted-by-data-breach-at-moving-companies/

CISA offers free cybersecurity services to non-federal critical infrastructure entities. The pilot program aims to reduce cybersecurity risks and provide support. The services are free of charge. #CISA #cybersecurity

https://www.securityweek.com/cisa-offering-free-cybersecurity-services-to-non-federal-critical-infrastructure-entities/

LLM Security Startup Lasso has emerged from stealth mode with $6 million in seed funding to tackle cyber threats to secure generative AI and large language model algorithms. #cybersecurity #AI #securitystartup

Lasso aims to prevent data exposure, security risks, and compliance risks faced by generative AI and LLM technologies. #datasecurity #privacy #compliance

The company's technology protects every LLM touchpoint and prevents data poisoning, model theft, malicious code generation, prompt injection, and supply chain attacks. #cyberthreats #dataattacks #supplychainsecurity

Additionally, Lasso provides oversight for sensitive data disclosures and offers real-time guidance on the safe use of LLM-based tools. #datadisclosure #dataprivacy #datasecurity

The funding will be used to expand the team and improve the products. #startupfunding #productdevelopment

https://www.securityweek.com/llm-security-startup-lasso-emerges-from-stealth-mode/