AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

Plus: New York’s legislature suffers a cyberattack, police disrupt a global phishing operation, and Apple removes encrypted messaging apps in China.

Protecting yourself after a medical data breach – Week in security with Tony Anscombe

What are the risks and consequences of having your health data exposed and what are the steps to take if it happens to you?

The many faces of impersonation fraud: Spot an imposter before it’s too late

What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be?

The ABCs of how online ads can impact children’s well-being

From promoting questionable content to posing security risks, inappropriate ads present multiple dangers for children. Here’s how to help them stay safe.

Bitcoin scams, hacks and heists – and how to avoid them

Here’s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safe

eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe

Almost 400 people in India and Pakistan have fallen victim to an ongoing Android espionage campaign called eXotic Visit

Beyond fun and games: Exploring privacy risks in children’s apps

Should children’s apps come with ‘warning labels’? Here's how to make sure your children's digital playgrounds are safe places to play and learn.

eXotic Visit campaign: Tracing the footprints of Virtual Invaders

ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps

7 reasons why cybercriminals want your personal data

Here's what drives cybercriminals to relentlessly target the personal information of other people – and why you need to guard your data like your life depends on it

The devil is in the fine print – Week in security with Tony Anscombe

Temu's cash giveaway where people were asked to hand over vast amounts of their personal data to the platform puts the spotlight on the data-slurping practices of online services today

How often should you change your passwords?

And is that actually the right question to ask? Here’s what else you should consider when it comes to keeping your accounts safe.

Malware hiding in pictures? More likely than you think

There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat.

Chronicles of a F/OSS tool (Arachni)

submitted by /u/tasos_laskos
[link] [comments]

Sacramento airport goes no-fly after AT&T internet cable snipped

Police say this appears to be a 'deliberate act.'

Sacramento International Airport (SMF) suffered hours of flight delays yesterday after what appears to be an intentional cutting of an AT&T internet cable serving the facility.…

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. "In

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks

Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. "CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files," CrushFTP said in an advisory released Friday.

Backdooring Dotnet Applications

submitted by /u/lightgrains
[link] [comments]

The Biggest Deepfake Porn Website Is Now Blocked in the UK

The world's most-visited deepfake website and another large competing site are stopping people in the UK from accessing them, days after the UK government announced a crackdown.

EvilLsassTwin - PPL Bypass, Fast 12MB In-Memory Dumps

submitted by /u/EphReborn
[link] [comments]

WhatsApp, Threads, more banished from Apple App Store in China

Still available in Hong Kong and Macau, for now

Apple has removed four apps from its China-regional app store, including Meta's WhatsApp and Threads, after it was ordered to do so by Beijing for security reasons.…

Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals

It’s the second time the World-Check list has fallen into the wrong hands

The World-Check database used by businesses to verify the trustworthiness of users has fallen into the hands of cybercriminals.…

Germany cuffs alleged Russian spies over plot to bomb industrial and military targets

Apparently an attempt to damage Ukraine's war effort

Bavarian state police have arrested two German-Russian citizens on suspicion of being Russian spies and planning to bomb industrial and military facilities that participate in efforts to assist Ukraine defend itself against Vladimir Putin’s illegal invasion.…

BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool

Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. Cybersecurity firm Trend Micro is tracking the

How Attackers Can Own a Business Without Touching the Endpoint

Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let’s discuss why

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia," cybersecurity agencies from the Netherlands and the U.S.,

Ransomware feared as IT 'issues' force Octapharma Plasma to close 150+ centers

Source blames BlackSuit infection – as separately ISP Frontier confirms cyberattack

Updated Octapharma Plasma has blamed IT "network issues" for the ongoing closure of its 150-plus centers across the US. It's feared a ransomware infection may be the root cause of the medical firm's ailment.…

Crooks exploit OpenMetadata holes to mine crypto – and leave a sob story for victims

'I want to buy a car. That's all'

Crooks are exploiting now-patched OpenMetadata vulnerabilities in Kubernetes environments to mine cryptocurrency using victims' resources, according to Microsoft.…

The Trump Jury Has a Doxing Problem

One juror in former US president Donald Trump’s criminal case in New York has been excused over fears she could be identified. It could get even messier.

On Windows Registry by researcher who got 50+ CVEs there

submitted by /u/gynvael
[link] [comments]

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior. The campaign has been codenamed 

House passes bill banning Uncle Sam from snooping on citizens via data brokers

Vote met strong opposition from Biden's office

A draft law to restrict the US government's ability to procure data on citizens through data brokers will progress to the Senate after being passed in the House of Representatives.…

Fraudsters abused Apple Stores' third-party pickup policy to phish for profits

Scam prevalent across Korea and Japan actually had some winners

Black Hat Asia Speaking at the Black Hat Asia conference on Thursday, a Korean researcher revealed how the discovery of a phishing operation led to the exposure of a criminal operation that used stolen credit cards and second-hand stores to make money by abusing Apple Stores’ practice of letting third parties pick up purchases.…

Lawmakers Are Kicking Warrantless Wiretapping Into Overdrive

Kremlin-Backed Actors Spread Disinformation Ahead Of US Elections

EU Tells Meta It Can't Paywall Privacy

Russia's Sandworm APT Linked To Attack On Texas Water Plant

Phishing Platform LabHost Shut Down By Law Enforcement

Five Eyes Agencies Release New AI Security Guidance

Introducing Cloud Console Cartographer: An Open-Source Tool To Help Security Teams Easily Understand Log Events Generated by AWS Console Activity

submitted by /u/permis0
[link] [comments]

185K people's sensitive data in the pits after ransomware raid on Cherry Health

Extent of information seized will be a concern for those affected

Ransomware strikes at yet another US healthcare organization led to the theft of sensitive data belonging to just shy of 185,000 people.…

EU tells Meta it can't paywall privacy

Platforms should not confront users with 'binary choice' over personal data use

The EU's Data Protection Board (EDPB) has told large online platforms they should not offer users a binary choice between paying for a service and consenting to their personal data being used to provide targeted advertising.…

The Real-Time Deepfake Romance Scams Have Arrived

Watch how smooth-talking scammers known as “Yahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.

Breaking Custom Encryption Using Frida (Mobile Application Pentesting)

submitted by /u/Waste-Kick-6814
[link] [comments]

Prolific phishing-made-easy emporium LabHost knocked offline in cyber-cop op

Police emit Spotify Wrapped-style videos to let crims know they're being hunted

Feature Cops have brought down a dark-web souk that provided cyber criminals with convincing copies of trusted brands' websites for use in phishing campaigns.…

Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers - Shielder

submitted by /u/smaury
[link] [comments]

Cisco creates architecture to improve security and sell you new switches

Hypershield detects bad behavior and automagically reconfigures networks to snuff out threats

Cisco has developed a product called Hypershield that it thinks represents a new way to do network security.…

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform since 2018. More than 20 such documents have been uploaded since 2022. "The documents contained VBA

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights," the BlackBerry research and intelligence team said in a new write-up. "They

Recover from Ransomware in 5 Minutes—We will Teach You How!

Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use

New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest," Kaspersky researcher Dmitry Kalinin said in a technical analysis.

How to Conduct Advanced Static Analysis in a Malware Sandbox

Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations. Detecting Threats in PDFs PDF files are frequently exploited by threat actors to

Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers, LabHost offered phishing pages targeting banks, high-profile organizations, and other service

Cisco Hypershield: A New Era of Distributed, AI-Native Security

AI is transformative, driving huge productivity gains. The engine of AI — the data center — will grow substantially, maybe an order of magnitude or more over the coming years.

The industry went thr… Read more on Cisco Blogs

Cisco Hypershield: Reimagining Security

It is no secret that cybersecurity defenders struggle to keep up with the volume and craftiness of current-day cyber-attacks. A significant reason for the struggle is that security infrastructure has… Read more on Cisco Blogs

Singapore infosec boss warns China/West tech split will be bad for interoperability

When you decide not to trust a big chunk of the supply chain, tech (and trade) get harder

One of the biggest challenges Singapore faces is the potential for a split between tech stacks developed and used by China and the West, according to the island nation's Cyber Security Administration (CSA) chief executive David Koh.…

Taiwanese film studio snaps up Chinese surveillance camera specialist Dahua

Stymied by sanctions, it had to go … but where?

Chinese surveillance camera manufacturer Zhejiang Dahua Technology, which has found itself on the USA’s entity list of banned orgs, has fully sold off its stateside subsidiary for $15 million to Taiwan's Central Motion Picture Corporation, according to the firm's annual report released on Monday.…

Hugely expanded Section 702 surveillance powers set for US Senate vote

Opponents warn almost anyone could be asked to share info with Uncle Sam

On Thursday the US Senate is expected to reauthorize the contentious warrantless surveillance powers conferred by Section 702 of the Foreign Intelligence Surveillance Act (FISA), and may even strengthen them with language that, according to US Senator Ron Wyden (D-OR), "will force a huge range of companies and individuals to spy for the government."…

Kremlin's Sandworm blamed for cyberattacks on US, European water utilities

Water tank overflowed during one system malfunction, says Mandiant

The Russian military's notorious Sandworm crew was likely behind cyberattacks on US and European water plants that, in at least one case, caused a tank to overflow.…

An Obscure Actions Workflow Vulnerability in Google’s Flank

submitted by /u/louis11
[link] [comments]

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024. OpenMetadata is an open-source platform that operates as a