Russian hackers are using a zero-day exploit in Microsoft Outlook to attack NATO member countries. The hackers are targeting companies in 14 countries, including vital infrastructure and sources of strategic intelligence. The exploit, tracked as CVE-2023-23397, allows the hackers to gain access to the targeted organizations. The group behind the attacks, known as Fighting Ursa, is linked to Russian military intelligence. It is important to address this vulnerability and set up endpoint security to prevent further attacks. #RussianHackers #ZeroDayExploit #OutlookAttack #NATO
https://cybersecuritynews.com/russian-hackers-exploiting-outlook/
Meta announces default end-to-end encryption for Facebook Messenger, promising enhanced security and privacy for users. The update also introduces additional features to elevate user experience and control. The global rollout will occur gradually over the coming months.
Hashtags: #Meta #EndToEndEncryption #FacebookMessenger #Security #Privacy
https://cybersecuritynews.com/meta-end-to-end-facebook-messenger/
Europe has reached a deal on the world's first comprehensive AI rules, setting clear regulations for the use of AI. The deal was signed after marathon closed-door talks this week and the European Parliament will still need to vote on the act early next year. The AI Act aims to mitigate the risks posed by AI systems and includes regulations on generative AI and face recognition surveillance. Researchers have warned about the dangers of powerful AI models being used for cyberattacks and disinformation. #Europe #AIregulations #Cybersecurity
https://www.securityweek.com/europe-reaches-a-deal-on-the-worlds-first-comprehensive-ai-rules/
Influencer accidentally posts QR code for restaurant table ordering on social media, resulting in a flood of food orders. #restaurant #QRcode #socialmedia
Researchers have discovered a critical privilege escalation vulnerability affecting macOS devices, specifically in the GOG Galaxy software. The flaw lies in the software's XPC service and its connection validation. It has been assigned CVE-2023-40713 and has a severity rating of 7.8. The exploit allows threat actors to gain root access by replacing the PID of a legitimate binary. For more information, refer to the complete report published by Security Intelligence. #macOS #vulnerability #GOGGalaxy #privilegeescalation
https://cybersecuritynews.com/gog-galaxy-xpc-service-exploited/
New iPhone Hack Convinces Users With Fake Lockdown Mode: A new technique has been discovered that visually tricks iPhone users into thinking their device is in Lockdown Mode. Lockdown Mode does not prevent malware execution or identify installed malware. It limits entry points for attackers. Lockdown Mode disables certain file formats, blocks certain features, and restricts functionality to reduce the attack surface. However, it does not stop an attack that has already been initiated on the device. The main goal of Lockdown Mode is to decrease potential attack vectors. #cyberattack #cybersecurity #malware
https://cybersecuritynews.com/new-iphone-hack-lockdown-mode/
The cloud is essential for modern business, but it also poses significant security risks, with nearly half of all data breaches originating in the cloud. Traditional security measures are failing in the cloud, so organizations need to prioritize robust cloud security to protect their valuable data and maintain consumer trust. Breaches in the cloud threaten not only data but also reputation and revenue-generating operations. Legacy security systems are inadequate for the dynamic nature of the cloud, so organizations must embrace a Zero Trust framework. Zero Trust Segmentation, or microsegmentation, plays a vital role in securing cloud resources by quickly isolating critical assets and reducing the attack surface. Implementing dynamic defenses like segmentation is crucial for organizations to navigate the complexities of the cloud and safeguard their most critical assets, reputation, and trust.
#CloudSecurity #DataBreach #ZeroTrust #Segmentation #Cybersecurity
https://www.infosecurity-magazine.com/blogs/bringing-resilience-cloud-zero/
1. Malware sandboxes offer a range of benefits that are often overlooked, including enhancing the training and productivity of junior security staff.
2. Utilizing a malware sandbox can prevent quishing attacks, which use QR codes to distribute malicious payloads.
3. Sandboxes are effective in detecting and analyzing script-based threats, providing insights into the actions performed within scripts.
4. Digital signature analysis in a sandbox can quickly verify file authenticity and identify potentially malicious files.
5. Sandboxes equipped with a residential proxy can bypass restrictions and analyze geo-targeted phishing campaigns.
Hashtags: #MalwareSandbox #ThreatAnalysis #JuniorStaffTraining #QuishingAttacks #ScriptBasedThreats #DigitalSignatures #GeoTargetedPhishing #Cybersecurity
Two Russian citizens charged with hacking government accounts in the US, UK, NATO countries, and Ukraine. They targeted defense department employees, defense contractors, and government officials. The hackers also leaked information ahead of the 2019 UK elections. The cyber attack involved a sophisticated spear phishing campaign. The US Department of Treasury has sanctioned the two individuals and the US Department of State announced rewards for information on their whereabouts. #cybersecurity #hacking #governmenthacking
Meta has announced that it is making end-to-end encryption the default for Facebook Messenger, ensuring that only the sender and recipient can access messages. The feature was first introduced as an option in 2016. Critics argue that enhanced encryption could be used to facilitate illegal activities. The new feature will be rolled out gradually to users. #Meta #FacebookMessenger #Encryption #Privacy
https://www.securityweek.com/meta-makes-end-to-end-encryption-a-default-on-facebook-messenger/
Ransomware drives up UK inflation, according to Veeam. Large companies increase prices by an average of 17% following a ransomware attack. Three-quarters of UK firms fell victim to ransomware last year. Breached organizations cut operating costs by an average of 17% and reduced staff numbers. Businesses fear another ransomware attack could result in closure. Recovery from a ransomware attack takes an average of two months. Veeam advises investing in immutable backups for quick data recovery. #Ransomware #UKinflation #Datasecurity #Businessimpact
https://www.infosecurity-magazine.com/news/ransomware-surge-driving-uk/
Malicious Android loan apps discovered on Google Play collected personal and financial data from victims. Apps called "SpyLoan" harassed users and targeted individuals in Southeast Asia, Africa, and Latin America. Operators of the apps were mainly from various countries. The apps requested sensitive permissions and gathered personal information, as well as device data and local Wi-Fi network information. Google updated its policies to restrict apps from accessing sensitive information, but existing apps still had permissions. Victims were threatened with extortion. Detailed information and indicators of compromise are available. Hashtags: #Android #MaliciousApps #DataBreach #CyberSecurityNews
1. Lazarus Group, a North Korean hacking unit, is targeting cryptocurrency projects through phishing scams on Telegram.
2. Lazarus impersonates reputable investment institutions on Telegram to deceive victims.
3. The group focuses on high-profile DeFi project teams to gain trust and initiate phishing efforts.
4. Lazarus deploys malicious scripts and links to gain remote access and compromise systems.
5. SlowMist warns of the evolving phishing strategies used by Lazarus Group.
6. SlowMist recommends thorough verification, two-factor authentication, transaction vigilance, and malware mitigation for Web3 users.
Hashtags: #LazarusGroup #Cryptocurrency #Phishing #Cybersecurity #Web3 #SlowMist
https://cybersecuritynews.com/lazarus-group-attacking-crypto/
1. Hackers exploit reverse TCP shells on Linux/Unix systems to gain unauthorized remote access.
2. This enables them to execute commands, exfiltrate data, and compromise system security.
3. Cybersecurity researchers at PwC discovered a reverse TCP shell called 'SnappyTCP' with C2 capabilities.
4. SnappyTCP has been used by the Teal Kurma group to target Europe and the Middle East since 2017.
5. The malware uses vulnerabilities like CVE-2021-44228, CVE-2021-21974, and CVE-2022-0847.
6. SnappyTCP has basic C2 functionality and two variants – one with TLS encryption and one without.
7. The malware communicates with a server under the attacker's control using HTTP requests.
8. SnappyTCP binaries use various toolchains and may employ shared object files or executables.
9. The malware has been linked to Teal Kurma's activity through public code and infrastructure analysis.
10. SnappyTCP has targeted the NGO, media, government, telecom, and IT provider sectors.
11. Security recommendations include checking logs, setting up alerts, conducting forensic analysis, and blocking malicious indicators.
#Cybersecurity #SnappyTCP #ReverseShell #Linux #Unix #TealKurma #Malware #SecurityRecommendations
Google Chrome 120 has been released with patches for 10 critical security flaws. #GoogleChrome #security #vulnerability #patches #browsing #update
Cambridge Hospitals admit two historic data breaches involving patient data in Excel spreadsheets shared in response to Freedom of Information requests. The first incident occurred in 2021 and was recently discovered, involving the disclosure of personal data of 22,073 maternity patients. The second incident, also in 2021, involved the accidental sharing of names, hospital numbers, and medical information of 373 cancer patients undergoing clinical trials. The Information Commissioner's Office has called for an end to the use of Excel spreadsheets for FOI data. Hashtags: #CambridgeHospitals #DataBreach #Excel #FOI #PatientData
https://www.infosecurity-magazine.com/news/cambridge-hospitals-two-excel-data/
#CyberAttackMaps #DigitalThreats #CyberSecurity #DDoS #Malware #Hackers #CyberAttackVulnerability #ZeroDay #DataBreaches #CyberAI #GlobalCyberThreatLandscape
Google has launched Gemini, its most capable and largest AI model. #AI #Google #Gemini
Gemini is a paradigm-shifting technology that redefines human-machine interactions. #AI #Gemini
Gemini has revolutionary capabilities including comprehending and processing text, images, audio, and video. #AI #Gemini
Gemini excels in natural language processing, coding, and reasoning tasks, surpassing human experts. #AI #Gemini
Gemini is optimized for diverse platforms and operates efficiently on data centers and mobile devices. #AI #Gemini
Google emphasizes responsible AI development and collaborates with experts to mitigate risks. #AI #Google
Gemini's applications include enhanced search dynamics, smarter product integration, coding efficiency, and scientific breakthroughs. #AI #Gemini
Google's commitment to responsible AI includes Gemini Pro, Gemini Nano, and Gemini Ultra. #AI #Google #Gemini
Gemini Ultra, including other premier models, will be available in 2024 for early access. #AI #Gemini
Nissan is investigating a cyberattack that may have resulted in a personal data breach. The company is working with global incident response teams to assess the impact and determine if any personal information was accessed. The National Cyber Security Center of New Zealand and the Australian Cyber Security Centre have been notified. Customers are advised to exercise caution and monitor their accounts for suspicious activity. Nissan has sold over 36,000 cars in Australia and about 3,000 in New Zealand this year. The company previously experienced a data breach in January 2023. #cyberattack #cybersecurity
https://cybersecuritynews.com/nissan-investigating-cyberattack/
Hackers exploit Adobe ColdFusion flaw to hack government servers. Cybersecurity advisory reveals breach in government servers due to vulnerability in Adobe ColdFusion. Exploit grants hackers unfettered access and potential for data exfiltration. Advisory provides insights into attack and attackers' tactics. Organizations urged to update and fortify defenses against known vulnerabilities. Knowledge of attackers' tactics aids in detection and prevention strategies.
#cybersecurity #vulnerability #attack #dataexfiltration #defenseupdate
https://cybersecuritynews.com/hackers-exploit-adobe-coldfusion-flaw/