Comcast's Xfinity is informing customers that their information has been compromised in a cyberattack that involved exploitation of the vulnerability known as CitrixBleed. CitrixBleed, officially tracked as CVE-2023-4966, is a critical vulnerability affecting Citrix's NetScaler ADC and Gateway appliances. Malicious actors can exploit the flaw to hijack existing sessions, which can give them access to the targeted organization's systems.
American global apparel and footwear giant VF Corporation, the owner of brands like Supreme, Vans, Timberland, and The North Face, has disclosed a security incident that caused operational disruptions. VF Corp. is a Colorado-based apparel firm owning 13 globally recognized brands. The company employs 35,000 people and has an annual revenue of $11.6 billion. Apart from the brands mentioned above, VF Corp. owns Dickies, Eastpak, Kipling, Napapijri, AND1, JanSport, Icebreaker, Altra Running, and SmartWool.
Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet. Microsoft Threat Intelligence reckons a new Qakbot phishing campaign is active as of December 11 but attack attempts are currently low in volume. The gang targets the hospitality sector, initially using phishing emails containing malicious PDF attachments that they've doctored to look like they come from the US Internal Revenue Service (IRS).
The US Justice Department is passing a decryptor to more than 500 victims of AlphV/BlackCat's ransomware following a disruption campaign. It believes the decryptor, which will allow victims to recover from ransomware for free, will prevent $68 million in ransom payments from being made. "Today's announcement highlights the Justice Department's ability to take on even the most sophisticated and prolific cybercriminals," said US Attorney Markenzy Lapointe of the Southern District of Florida.
The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities. The warning comes as a joint advisory issued in partnership with CISA and the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC). The Play ransomware operation surfaced in June 2022, after the first victims reached out for help in BleepingComputer's forums.
In the movie Everything Everywhere All at Once, protagonist Evelyn Wang must travel between dimensions to confront and defeat an evil that threatens her family's existence in their home universe. For Wang it is a confusing and taxing fight that requires her to use information, experience, and power gained to overcome the challenges she meets along the way. It's a convoluted story arc that is not unlike the day-to-day of a CISO working to protect the modern enterprise and the universe of "things" that are being deployed.
Prompt injection is, thus far, an unresolved challenge that poses a significant threat to Large Language Model (LLM) integrity. This risk is particularly alarming when LLMs are turned into agents that interact directly with the external world, utilizing tools to fetch data or execute actions. Malicious actors can leverage prompt injection techniques to generate unintended and potentially harmful outcomes by distorting the reality in which the LLM operates.