Author: CySecurity
The Cybercrime Atlas initiative has shifted into its operational phase in 2024, marking a significant milestone in global cybersecurity efforts. Originating from discussions at the RSA Conference two years prior, the initiative aims to dismantle cybercriminal networks by mapping out their relationships, infrastructure, and supply chains.…
Among other things, the guidelines mandate that a “material” cybersecurity event be reported to the SEC within four days of its classification as such.…
Recent research has surfaced serious security vulnerabilities within ChatGPT plugins, raising concerns about potential data breaches and account takeovers. These flaws could allow attackers to gain control of organisational accounts on third-party platforms and access sensitive user data, including Personal Identifiable Information (PII).
According to Darren Guccione, CEO and co-founder of Keeper Security, the vulnerabilities found in ChatGPT plugins pose a significant risk to organisations as employees often input sensitive data, including intellectual property and financial information, into AI tools.…
In February, cybercriminals orchestrated a series of sophisticated crypto phishing scams, resulting in a staggering $47 million in losses. These scams, often initiated through social media platforms like X (formerly Twitter), saw a dramatic 40% surge in victims compared to January, with over 57,000 individuals falling prey to their deceitful tactics.…
Researchers have found a new way of hijacking WiFi networks at Tesla charging stations for stealing vehicles- a design flaw that only needs an affordable, off-the-shelf tool.
Experts find an easy way to steal a TeslaAs Mysk Inc. cybersecurity experts Tommy Mysk and Talal Haj Bakry have shown in a recent YouTube video hackers only require a simple $169 hacking tool known as Flipper Zero, a Raspberry Pi, or just a laptop to pull the hack off. …
Artificial Intelligence (AI) is reshaping the world of social media content creation, offering creators new possibilities and challenges. The fusion of art and technology is empowering creators by automating routine tasks, allowing them to channel their energy into more imaginative pursuits. AI-driven tools like Midjourney, ElevenLabs, Opus Clip, and Papercup are democratising content production, making it accessible and cost-effective for creators from diverse backgrounds. …
In exchange for the payment of a ransom, LockBit ransomware blocks access to the computer systems of its users. With LockBit, all computers on a network can be encrypted by encrypting them, confirming that the target is valuable, spreading the infection, and vetting potential targets. …
Change Ransomware Incident: Details so far
The change Ransomware attack
Last week, an Oregon medical practice suffered a serious Ransomware attack called Change Ransomware. Due to the attack, the medical practice was left with an empty bank account. The only way out was to sell the practice to United Health. …In the digital society, defenders are grappling with the transformative impact of artificial intelligence (AI), automation, and the rise of Cybercrime-as-a-Service. Recent research commissioned by Darktrace reveals that 89% of global IT security teams believe AI-augmented cyber threats will significantly impact their organisations within the next two years, yet 60% feel unprepared to defend against these evolving attacks.…
Through a recent report by PIXM, a cybersecurity firm specialising in artificial intelligence solutions, public schools in the United States face a significant increase in sophisticated phishing campaigns. Threat actors are employing targeted spear phishing attacks, utilising stealthy patterns to target officials in large school districts, effectively bypassing Multi-Factor Authentication (MFA) protections.…
In the complex world of international relations and military alliances, NATO (North Atlantic Treaty Organization) is a critical pillar of collective defense. As NATO conducts its largest military exercise since 1988, the Steadfast Defender Exercise, it grapples with a fundamental challenge: maintaining transparency while safeguarding critical information.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) raised the alarm by adding two such vulnerabilities in Apple’s iOS and iPad to its Known Exploited Vulnerabilities catalog. These vulnerabilities are actively exploited, posing significant risks to users’ privacy, data, and device security.
The VulnerabilitiesCVE-2024-23225: This vulnerability targets the kernel of both Apple iOS and iPadOS.…
Over the past few days a security breach has transpired, hackers are taking advantage of a significant flaw in TeamCity On-Premises software, allowing them to create unauthorised admin accounts. This flaw, known as CVE-2024-27198, has prompted urgent action from software developer JetBrains, who released an update on March 4 to address the issue.…
Chinese threat actors strike again
Users of a Tibetan language translation app and website visitors to a Buddhist festival were compromised by a focused watering-hole malware connected to a Chinese threat group.
According to recent data from ESET, the so-called Evasive Panda hacking team’s cyber-operations campaign started in September 2023 or earlier and impacted systems in Taiwan, Hong Kong, Taiwan, Australia, and the United States.…
The National Security Agency (NSA) has rolled out a comprehensive roadmap to strengthen internal network security. Stepping away from the traditional trust-all model, the focus is on embracing a cutting-edge zero-trust framework. This transformative approach assumes the presence of potential threats, urging organisations to implement stringent controls for resource access.…
Woman discloses scam, alerts netizens
By bringing attention to a fresh cybercrime strategy, a marketing expert from Chennai has assisted others in avoiding the scam. Lavanya Mohan, the woman, talked about her experience on X, (formerly Twitter). She said how she got a call saying that someone was using her Aadhaar card to carry drugs over international borders.…
Recently, in a telecommunications setback, damage to submarine cables in the Red Sea is causing disruptions in communication networks, affecting a quarter of the traffic between Asia, Europe, and the Middle East, including internet services. Four major telecom networks, including Hong Kong’s HGC Global Communications, report that cables have been cut, leading to a substantial impact on communication in the Middle East.…
Change Healthcare breach
There is evidence that the ransomware group behind the Change Healthcare breach, which has caused chaos for hospitals and pharmacies attempting to handle prescriptions, may have received $22 million from UnitedHealth Group.
Researchers studying security issues discovered a post made by an associate member claiming to be a member of the ALPHV/Blackcat ransomware group in a Russian forum used by cybercriminals.…
In today’s tech-driven world, APIs (Application Programming Interfaces) are like the connective tissue that allows different software to talk to each other, making our digital experiences seamless. But because they are so crucial, they are also prime targets for hackers.
They could break in to steal our sensitive data, mess with our systems, or even shut down services.…