IT Security Newsletter

IT Security Newsletter - 11/14/2024

Written by Cadre | Thu, Nov 14, 2024

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

A newly patched zero-day vulnerability in Windows can be exploited with minimal interaction from the user, such as deleting a file or right-clicking on it, cybersecurity firm ClearSky warns. Tracked as CVE-2024-43451 and classified by Microsoft as an NTLM hash disclosure spoofing vulnerability, the zero-day is a medium-severity flaw in the MSHTML engine, which remains in use by Edge in Internet Explorer mode and, through the WebBrowser control, by other applications, exposing them to any security defect in the component. READ MORE...
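As an added example (not code from ClearSky's report or Microsoft's advisory), here is a small hunting script for the kind of lure a bug with this trigger profile depends on. It assumes the lure is an Internet Shortcut (.url) file, an INI-style text file whose IconFile or URL value points at a remote UNC path or a file://host/ URL, so that Explorer reaches out to that host when the file is merely right-clicked, dragged or deleted; the two sample shortcut bodies are constructed, and the scan of a real directory tree is left to the command-line usage at the bottom.

```python
"""Hunt for Internet Shortcut (.url) files that reference a remote host.

Added example, not code from ClearSky or Microsoft. Assumption: the lure is a
.url file (INI-style text) whose IconFile or URL value points at a UNC path or
a file://host/ URL, so Explorer resolves it on right-click, drag or delete.
The sample shortcut contents below are constructed, not real lures.
"""
import configparser
import os
import re
import sys
from typing import Dict, List

# \\host\share\... : a UNC path with a real host (\\?\ and \\.\ are local device paths)
UNC_RE = re.compile(r"^(?:\\\\|//)(?![?.])[^\\/]+[\\/]")
# file://host/... : file:///C:/... has an empty host and stays local, so it is not matched
FILE_URL_RE = re.compile(r"^file://(?!/)[^/]+/", re.IGNORECASE)
FIELDS = ("IconFile", "URL", "WorkingDirectory")


def parse_url_file(text: str) -> Dict[str, str]:
    """Return the [InternetShortcut] section as a dict, keeping key case."""
    cp = configparser.RawConfigParser(strict=False)
    cp.optionxform = str  # keep IconFile/URL spelled as written
    try:
        cp.read_string(text)
    except configparser.Error:
        return {}
    if not cp.has_section("InternetShortcut"):
        return {}
    return dict(cp.items("InternetShortcut"))


def remote_references(fields: Dict[str, str]) -> List[str]:
    """List the shortcut fields that would make Explorer contact a remote host."""
    hits = []
    for key in FIELDS:
        value = fields.get(key, "").strip()
        if UNC_RE.match(value) or FILE_URL_RE.match(value):
            hits.append(f"{key}={value}")
    return hits


def scan_url_file(text: str) -> List[str]:
    return remote_references(parse_url_file(text))


def scan_directory(root: str) -> Dict[str, List[str]]:
    """Walk a tree and report every .url file with a remote reference."""
    report: Dict[str, List[str]] = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            if not name.lower().endswith(".url"):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = scan_url_file(fh.read())
            except OSError:
                continue
            if hits:
                report[path] = hits
    return report


# Constructed samples: a normal shortcut and one whose icon and target are remote.
BENIGN = """[InternetShortcut]
URL=https://example.com/
IconFile=C:\\Windows\\System32\\shell32.dll
IconIndex=13
"""
SUSPICIOUS = """[InternetShortcut]
URL=file://203.0.113.5/share/report.pdf
IconFile=\\\\203.0.113.5\\share\\doc.ico
IconIndex=1
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for path, hits in scan_directory(sys.argv[1]).items():
            print(path, hits)
    else:
        print("benign:", scan_url_file(BENIGN))
        print("suspicious:", scan_url_file(SUSPICIOUS))
```

Run it with a directory argument to sweep user profiles, mail attachment caches or a file share; without an argument it checks the two constructed samples. Local device paths such as \\?\C:\ and file:///C:/ are deliberately not flagged, so the output is limited to shortcuts that would cause an outbound connection.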

Leaked info of 122 million linked to B2B data aggregator breach

The business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from a B2B demand generation platform. The data comes from DemandScience (formerly Pure Incubation), a B2B demand generation company that aggregates data. Data aggregation is the process of collecting, compiling, and organizing data from public sources to create a comprehensive dataset valuable for digital marketers and advertisers in creating rich "profiles." READ MORE...

Ransomware fiends boast they've stolen 1.4TB from US pharmacy network

American Associated Pharmacies (AAP) is the latest US healthcare organization to have had its data stolen and encrypted by cyber-crooks, it is feared. The criminals over at the Embargo ransomware operation claimed responsibility for the hit job, allegedly stealing 1.469 TB of AAP's data, scrambling its files, and demanding payment to restore the information. AAP, which oversees a few thousand independent pharmacies in the country, hasn't officially confirmed an attack. READ MORE...

Scammer robs homebuyers of life savings in $20 million theft spree

A 33-year-old Nigerian man living in the UK and his co-conspirators defrauded over 400 would-be home buyers in the US. In the initial phase, Babatunde Francis Ayeni and his criminal gang targeted US title companies, real estate agents, and real estate attorneys. Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. READ MORE...

Two Men Charged For Hacking US Tax Preparation Firms

The US Justice Department on Wednesday unsealed charges against two Nigerian nationals accused of hacking into the systems of multiple tax preparation companies as part of a scheme that could have gotten them millions of dollars. The two suspects are Matthew Akande, 35, of Mexico, and Kehinde Oyetunji, 33, of North Dakota. Oyetunji pleaded guilty to hacking and fraud-related charges in late 2022, but he has yet to be sentenced. READ MORE...

Toolkit Vastly Expands APT41's Surveillance Powers

China's APT41 threat group is using a sophisticated Windows-based surveillance toolkit in a cyber-espionage campaign targeting organizations in South Asia. The malware adds to the already broad portfolio of malicious tools that the threat actor has deployed in recent years and makes APT41 an even more pernicious threat to targeted enterprises. Researchers at BlackBerry, among the many who are tracking the threat actor, spotted the new malware toolkit earlier this year. READ MORE...

ShrinkLocker Ransomware: What You Need To Know

ShrinkLocker is a family of ransomware that encrypts an organisation's data and demands a ransom payment in order to restore access to its files. It was first identified by security researchers in May 2024, after attacks were observed in Mexico, Indonesia, and Jordan. The ShrinkLocker ransomware is unusual because it uses VBScript and Windows' own BitLocker, a legitimate security tool, to encrypt victims' files. READ MORE...
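The VBScript-plus-BitLocker pattern described above leaves a recognisable trace in process-creation telemetry. The following detection logic is an added example, not code from the ShrinkLocker write-up: it assumes Sysmon-style process-creation events exported as JSON lines with ts, image, parent_image and command_line fields, and the specific manage-bde switches and the BitLocker policy registry rule are assumptions about how an attacker would drive BitLocker from a script rather than details taken from the article. The sample events are constructed, not captured from an incident.

```python
"""Flag BitLocker being driven from a script host in process-creation logs.

Added detection example, not code from the ShrinkLocker write-up. Assumptions:
Sysmon-style process-creation events as JSON lines (ts, image, parent_image,
command_line); the manage-bde switches and the FVE policy-key rule are the
author's guess at how a script would drive BitLocker, not article details.
The sample events below are constructed, not captured from a real incident.
"""
import json
import re
from typing import Iterable, List, Tuple

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
# Real manage-bde switches that turn encryption on or alter key protectors.
STATE_CHANGE = re.compile(
    r"-(on|protectors\s+-(add|delete|disable)|rp|pw|skiphardwaretest)\b",
    re.IGNORECASE,
)
# BitLocker policy hive; EnableBDEWithNoTPM there permits encryption on hosts without a TPM.
FVE_POLICY = re.compile(r"\\policies\\microsoft\\fve\b", re.IGNORECASE)


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def classify(event: dict) -> List[Tuple[str, str]]:
    """Return (severity, rule) pairs that fire on one process-creation event."""
    image = basename(event.get("image", ""))
    parent = basename(event.get("parent_image", ""))
    cmd = event.get("command_line", "")
    findings = []
    if image == "manage-bde.exe" and parent in SCRIPT_HOSTS:
        findings.append(("high", "manage-bde.exe launched by a script host"))
    if image == "manage-bde.exe" and STATE_CHANGE.search(cmd):
        findings.append(("medium", "manage-bde.exe changing encryption state or protectors"))
    if image in {"reg.exe", "powershell.exe"} and FVE_POLICY.search(cmd):
        findings.append(("medium", "BitLocker policy key modified from the command line"))
    return findings


def scan_log(lines: Iterable[str]) -> List[Tuple[str, str, str]]:
    """Return (timestamp, severity, rule) for every rule hit, skipping bad lines."""
    out = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        for severity, rule in classify(event):
            out.append((event.get("ts", "?"), severity, rule))
    return out


# Constructed sample: a script drops a VBS, relaxes the TPM policy, then turns BitLocker on.
# The last line is an administrator checking status from cmd.exe and must not fire.
SAMPLE_LOG = r"""
{"ts":"2024-11-12T03:14:02Z","image":"C:\\Windows\\System32\\wscript.exe","parent_image":"C:\\Windows\\explorer.exe","command_line":"wscript.exe C:\\Users\\Public\\update.vbs"}
{"ts":"2024-11-12T03:14:05Z","image":"C:\\Windows\\System32\\reg.exe","parent_image":"C:\\Windows\\System32\\wscript.exe","command_line":"reg add HKLM\\SOFTWARE\\Policies\\Microsoft\\FVE /v EnableBDEWithNoTPM /t REG_DWORD /d 1 /f"}
{"ts":"2024-11-12T03:14:07Z","image":"C:\\Windows\\System32\\manage-bde.exe","parent_image":"C:\\Windows\\System32\\wscript.exe","command_line":"manage-bde -on C: -rp -skiphardwaretest"}
{"ts":"2024-11-12T09:30:11Z","image":"C:\\Windows\\System32\\manage-bde.exe","parent_image":"C:\\Windows\\System32\\cmd.exe","command_line":"manage-bde -status C:"}
"""

if __name__ == "__main__":
    for ts, severity, rule in scan_log(SAMPLE_LOG.splitlines()):
        print(ts, severity.upper(), rule)
```

The parent-process rule is the one worth alerting on outright; the switch-based rule will also fire on legitimate enrolment scripts, so in an environment that provisions BitLocker through Intune or a deployment tool it should be scoped to untrusted parents or unsigned scripts rather than suppressed.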

Citrix Session Recording users warned of CVEs that allow hackers to gain control

Citrix and security researchers at watchTowr on Tuesday warned about security flaws in Citrix Session Recording that can allow an attacker to take control of a system. The vulnerabilities are CVE-2024-8068, a privilege escalation to the NetworkService account, and CVE-2024-8069, a limited remote code execution flaw that runs with the privileges of the NetworkService account. READ MORE...

ChatGPT allows access to underlying sandbox OS, "playbook" data

OpenAI's ChatGPT platform provides a great degree of access to the LLM's sandbox, allowing you to upload programs and files, execute commands, and browse the sandbox's file structure. The ChatGPT sandbox is an isolated environment that lets users interact with the model while being walled off from other users and the host servers. It does this by restricting access to sensitive files and folders, blocking access to the internet, and attempting to restrict commands. READ MORE...

Google AI Platform Bugs Leak Proprietary Enterprise LLMs

Google has fixed two flaws in Vertex AI, its platform for custom development and deployment of large language models (LLMs), that could have allowed attackers to exfiltrate proprietary enterprise models from the system. The flaws highlight once again the danger that malicious manipulation of artificial intelligence (AI) technology presents for business users. Researchers at Palo Alto Networks Unit 42 discovered the flaws in Google's Vertex AI platform. READ MORE...

  • ...in 1851, Herman Melville's "Moby-Dick" is first published in the US.
  • ...in 1960, Ruby Bridges becomes the first Black child to attend a previously segregated elementary school in Louisiana.
  • ...in 1967, physicist Theodore Maiman is granted a patent for the first-ever laser, using a synthetic ruby crystal to create a coherent light beam.
  • ...in 1969, Apollo 12 is launched. It is the second crewed mission to the surface of the Moon.