Security
Check before you click: ransomware gangs are disguising their tools as popular AI apps
Multiple ransomware gangs are disguising their malicious software as AI tools: fake ChatGPT, InVideo, and other installers plant destructive malware, a new report by Cisco Talos has warned.
Read more about Check before you click: ransomware gangs are disguising their tools as popular AI apps
AI predicts the exact date of a global blackout
Get ready: artificial intelligence (AI) has predicted the day of a worldwide power shutdown, when multiple continents will go dark.
Read more about AI predicts the exact date of a global blackout
Two foreigners tried to export sensitive US defense technology to China in a blender, DOJ says
The US indicted two foreign nationals on Friday for attempting to smuggle US military technology to China, including missiles, air defense radar, drones, and cryptographic devices – at one point even plotting to ship the sensitive tech in a blender.
Read more about Two foreigners tried to export sensitive US defense technology to China in a blender, DOJ says
No more user scripts in Chrome extensions by default: Google tightens security
Google has announced a significant change in how Chrome extensions gain permission to use the User Scripts API, which allows injecting custom JavaScript code on web pages. This will be the first permission that users need to enable individually for each extension.
Read more about No more user scripts in Chrome extensions by default: Google tightens security
Cyberattacks on M&S and Co-op trigger shift in UK online shopping habits
Major UK retailers like M&S, Co-op, and Harrods have faced cyberattacks recently. Two-thirds of UK shoppers are now changing how they shop online, a new survey shows
Read more about Cyberattacks on M&S and Co-op trigger shift in UK online shopping habits
UK allocates over £1 billion to bolster cyber and electromagnetic warfare capabilities
The United Kingdom Armed Forces wants to apply lessons learned from Ukraine and will spend more than £1 billion ($1.35 billion) to equip a “pioneering battlefield system.” A new Cyber and Electromagnetic Command will further enhance the UK’s cyber warfare capabilities.
Read more about UK allocates over £1 billion to bolster cyber and electromagnetic warfare capabilities
Latrodectus malware detected on over 44,000 IP addresses
Over 44,000 IP addresses were infected with dangerous Latrodectus malware, which is used to deploy banking trojans, before a law enforcement takedown during this month's Operation Endgame, new data reveals.
Read more about Latrodectus malware detected on over 44,000 IP addresses
Privacy nightmare: Microsoft OneDrive gives AI chatbot full read access to user content
Users discover that letting an AI chatbot or other app access a single file on OneDrive also grants it access to their entire OneDrive content.
Read more about Privacy nightmare: Microsoft OneDrive gives AI chatbot full read access to user content
This security specialist earns $700k annually. Would you want their job?
Quite a few people in charge of cybersecurity at big companies earn close to a million dollars per year. However, with the dream salary comes nightmare responsibilities.
Read more about This security specialist earns $700k annually. Would you want their job?
Major data leak hits Unimed, 14M patient-doctor messages exposed
The world’s largest healthcare cooperative, Unimed, left an exposed instance that leaked millions of patient-doctor messages.
Read more about Major data leak hits Unimed, 14M patient-doctor messages exposed
Unheard of: Chinese hackers use Google Calendar to control malware and steal data
Chinese state-sponsored cyber espionage group APT41, also known as HOODOO, abused Google Calendar as a command and control tool. The specialized malware stored encrypted commands and exfiltrated data as calendar events.
Read more about Unheard of: Chinese hackers use Google Calendar to control malware and steal data
Microsoft to unify Windows app updates under a centralized system
Microsoft wants to unify future app updates on Windows under a single update system – the Windows Update orchestration platform. The preview is currently available for developers and product teams.
Read more about Microsoft to unify Windows app updates under a centralized system
Red teaming – why cybersecurity’s coolest job is basically Top Gun for hackers
Red teaming is cybersecurity’s top defense – ethical hackers simulate attacks to find weaknesses before real hackers do, helping organizations stay secure.
Read more about Red teaming – why cybersecurity’s coolest job is basically Top Gun for hackers
Thousands of Asus routers infected with backdoor that survives firmware updates
A new botnet is compromising modern Asus WiFi 6 routers and leaving backdoors that allow attackers to remotely control them even after firmware updates. Researchers warn that 9,000 Asus routers are already infected.
Read more about Thousands of Asus routers infected with backdoor that survives firmware updates
Victoria’s Secret temporarily takes website offline due to security issue
Clothing and lingerie retailer Victoria’s Secret suspended most of the functionality of its website and some in-store services to “address a security incident,” according to a statement posted to the company’s website on Wednesday.
Read more about Victoria’s Secret temporarily takes website offline due to security issue
Everest ransomware gang has a new cash cow – the Middle East, and we’ll tell you why
Move over United States and Europe, the Middle East region of the world is experiencing an uptick in ransomware attacks, including the latest breach of Coca-Cola by the Everest gang just this past week. So, what's the reasoning behind the dramatic increase? Cybernews has the inside story.
Read more about Everest ransomware gang has a new cash cow – the Middle East, and we’ll tell you why
Massive security blunder: Russian nuclear site blueprints exposed in public procurement database
Russia is modernizing its nuclear weapon sites, including underground missile silos and support infrastructure. Data, including building plans, diagrams, equipment, and other schematics, is accessible to anyone in the public procurement database.
Read more about Massive security blunder: Russian nuclear site blueprints exposed in public procurement database
Stay cautious: these fake AI video generators are stealing passwords
Cybercriminals have entered the AI gold rush to spread malware. Fake AI video generators are tempting users and stealing their data.
Read more about Stay cautious: these fake AI video generators are stealing passwords
Hackers say they’ve snatched data from the Salvation Army
One of the largest providers of social services globally, the Christian organization Salvation Army, has been allegedly hit by a ransomware attack.
Read more about Hackers say they’ve snatched data from the Salvation Army
Major data leak exposes 1.6M Etsy, TikTok Shop customer emails
Hundreds of thousands of customer files have been discovered leaking from an unprotected instance. Researchers believe the data exposed mostly American customers of Etsy, Poshmark, and TikTok shops.
Read more about Major data leak exposes 1.6M Etsy, TikTok Shop customer emails
