Ransomware gangs increasingly deploy zero-days to maximize attacks
Microsoft issued a patch for a zero-day that researchers at Kaspersky said was used to deliver Nokoyawa ransomware. In a move meant to maximize the damage and reach of its ransomware campaign, a cybercrime group recently deployed a Microsoft zero-day vulnerability to execute a global digital extortion campaign against small and medium-sized businesses, researchers at the cybersecurity firm Kaspersky said Tuesday. READ MORE...
US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster
Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate. Joyce, speaking at CrowdStrike's Government Summit Tuesday, said he doesn't expect to see - at least not "in the near term" - AI used "for automated attacks that will rip through systems at speeds that are unfathomable today." READ MORE...
Kodi forum breach: User data, encrypted passwords grabbed
The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. The breach did not happen due to a vulnerability. Instead, an unknown attacker used the account of a legitimate but inactive member of the forum admin team to access the MyBB admin console on two occasions: February 16 and 21, 2023. The attacker was able to create backups of databases, which they then downloaded and deleted. READ MORE...
Hacked sites caught spreading malware via fake Chrome updates
Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors. The campaign has been underway since November 2022, and according to NTT's security analyst Rintaro Koike, it shifted up a gear after February 2023, expanding its targeting scope to cover users who speak Japanese, Korean, and Spanish. READ MORE...
How Password Managers Can Get Hacked
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses. Over the past few months, several leading password managers have been victims of hacking and data breaches. For instance, LastPass, which experienced a massive breach last year, recently announced again that the company's password vault has been stolen. And thanks to the bad practice of reusing passwords too often, Norton LifeLock also reported compromises to its password manager. READ MORE...
Hybrid work environments are stressing CISOs
The impact of the hybrid workforce on security posture, as well as the risks introduced by this way of working, are posing concerns for CISOs and driving them to develop new strategies for hybrid work security, according to Red Access. Among the report's most critical findings is the revelation that browsing-based threats ranked as CISOs' number one concern, regardless of whether their organization was operating primarily in an in-office, hybrid, or remote setting. READ MORE...
- ...in 1945, President Franklin D. Roosevelt dies in office; Vice President Harry S. Truman assumes the Presidency after only 82 days as VP.
- ...in 1954, Bill Haley & His Comets record "Rock Around the Clock," widely credited as the song that brought rock and roll into the mainstream world culture.
- ...in 1961, Cosmonaut Yuri Gagarin becomes the first man to reach outer space and achieve Earth orbit, giving Russia a temporary lead in the Space Race.
- ...in 1996, early Internet giant Yahoo! has its initial public offering, selling 2.6 million shares at $13 each.
