Federal authorities said they are investigating China-linked attacks on U.S. telecom networks in the wake of reports that hackers conducted a broad espionage campaign, targeting senior elected officials and candidates. "After the FBI identified specific malicious activity targeting the sector, the FBI and the Cybersecurity and Infrastructure Security Agency immediately notified affected companies," the agencies said in a joint statement Friday. READ MORE...
One of the largest internet providers in France, Free S.A.S, has confirmed that it recently suffered a cybersecurity breach after a hacker attempted to sell what purported to be stolen data from the organisation on the dark web. Free told Le Monde that personal data related to some customers had indeed compromised after an attacker targeted a management tool. However, according to the firm, no passwords, bank card information, or the contents of communications were compromised by the attack. READ MORE...
Fully patched Windows 11 systems are vulnerable to attacks that allow an adversary to install custom rootkits that can neutralize endpoint security mechanisms, hide malicious processes and network activity, maintain persistence and stealth on a compromised system, and more. The assault involves a Windows OS downgrade attack technique that SafeBreach security researcher Alon Leviev demonstrated at Black Hat USA 2024 in August. READ MORE...
Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets. "Since July, these attacks have increased 25% week over week, resulting in a total growth rate of 900%," Perception Point researchers say. The phishing emails look like they are coming from Eventbrite because they are, but their content is crafted to impersonate legitimate businesses. READ MORE...
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS and watchOS. Especially important are the updates for iOS and iPadOS which tackle vulnerabilities which could potentially leak sensitive user information. You should make sure you update as soon as you can. To check if you're using the latest software version, go to Settings > General > Software Update. READ MORE...
Ukrainian efforts to recruit new soldiers to serve in its military in the country's war against Russia is under a two-pronged cyberattack by Kremlin-backed threat actors. Researchers at Google's Threat Intelligence Group (TAG) and Mandiant have tracked down an active campaign that uses a spoofed version of the legitimate Ukrainian-language tool "Civil Defense," a crowdsourced mapping tool used to locate military recruiters. Attackers are using the fake version to perform dual malicious actions. READ MORE...
Malicious instructions encoded in hexadecimal format could have been used to bypass ChatGPT safeguards designed to prevent misuse. The new jailbreak was disclosed on Monday by Marco Figueroa, gen-AI bug bounty programs manager at Mozilla, through the 0Din bug bounty program. Launched by Mozilla in June 2024, 0Din, which stands for 0Day Investigative Network, is a bug bounty program focusing on large language models (LLMs) and other deep learning technologies. READ MORE...
An investigation by French newspaper Le Monde found that the highly confidential movements of U.S. President Joe Biden, presidential rivals Donald Trump and Kamala Harris, and other world leaders can be easily tracked online through a fitness app that their bodyguards use. But the U.S. Secret Service told the newspaper that it doesn't believe the protection it provides was in any way compromised. READ MORE...