IT Security Newsletter - 2/17/2025
Virginia Attorney General's Office Struck by Cyberattack Targeting Attorneys' Computer Systems
The Virginia Attorney General's office, the state's top prosecutorial agency led by Jason Miyares, was struck by a cyberattack this week that forced officials off the office's computer systems. According to the Richmond Times-Dispatch, the chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of its computer systems were offline, and that Virginia State Police and other law enforcement officials were investigating the attack.
Two Estonians plead guilty in $577M cryptocurrency Ponzi scheme
Two Estonian nationals may spend the next 20 years in prison for stealing hundreds of millions of dollars through a massive cryptocurrency Ponzi scheme, the US Department of Justice announced last week. "According to court documents, Sergei Potapenko and Ivan Turõgin, both 40, sold contracts to customers entitling them to a share of cryptocurrency mined by the defendants' purported cryptocurrency mining service, HashFlare," said the Justice Department.
PirateFi game on Steam caught installing password-stealing malware
A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. The title was present in the Steam catalog for almost a week, between February 6th and February 12th, and was downloaded by up to 1,500 users. The distribution service is sending notices to potentially impacted users, advising them to reinstall Windows out of an abundance of caution.
New FinalDraft malware abuses Outlook mail service for stealthy comms
A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. The attacks were discovered by Elastic Security Labs and rely on a complete toolset that includes a custom malware loader named PathLoader, the FinalDraft backdoor, and multiple post-exploitation utilities. The abuse of Outlook, in this case, aims to achieve covert communications.
This open text-to-speech model needs just seconds of audio to clone your voice
Palo Alto-based AI startup Zyphra unveiled a pair of open text-to-speech (TTS) models this week said to be capable of cloning your voice with as little as five seconds of sample audio. In our testing, we generated realistic results with less than half a minute of recorded speech. Founded in 2021 by Danny Martinelli and Krithik Puthalath, the startup aims to build a multimodal agent system called MaiaOS.
Nearly 10 years after Data and Goliath, Bruce Schneier says: Privacy's still screwed
It has been nearly a decade since famed cryptographer and privacy expert Bruce Schneier released the book Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World - an examination of how government agencies and tech giants exploit personal data. Today, his predictions feel eerily accurate. At stake, he argued then, was a possibly irreversible loss of privacy, and the archiving of everything.
DOGE's .gov site lampooned as coders quickly realize it can be edited by anyone
"An official website of the United States government," reads small text atop the Department of Government Efficiency (DOGE) website that Elon Musk's team started populating this week with information on agency cuts. But you apparently don't have to work in government to push updates to the site. A couple of prankster web developers told 404 Media that they separately discovered how "insecure" the DOGE site was, seemingly pulling from a "database that can be edited by anyone."
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement
Vulnerabilities in Xerox VersaLink multifunction printers could allow attackers to retrieve authentication credentials via pass-back attacks targeting LDAP and SMB/FTP services, Rapid7 discovered. Two security defects were identified in the all-in-one enterprise color printers, namely CVE-2024-12510 and CVE-2024-12511, and Xerox released security updates to address both. In short, in a pass-back attack, the printer is directed to authenticate against a server controlled by the attacker.
- ...in 1801, The House of Representatives breaks an electoral college tie and chooses Thomas Jefferson over Aaron Burr for President.
- ...in 1913, the Armory Show opens in New York City, introducing art aficionados to the European avant-garde and inspiring a generation of American artists.
- ...in 1920, comic book artist Curt Swan, whose art appeared in Superman comics for over 30 years, is born in Minnesota.
- ...in 1936, former Cleveland Browns fullback and action film star Jim Brown ("The Dirty Dozen", "Ice Station Zebra") is born in St. Simons, GA.