The Department of Justice disrupted a botnet controlled by the Russia state-linked threat group Forest Blizzard, also known as Fancy Bear, in a court-ordered operation to disable hundreds of small office/home office routers used for malicious cyber activity. The botnet used Moobot malware installed on hundreds of vulnerable Ubiquiti Edge OS routers to conduct spear phishing and credential harvesting attacks in the U.S.
The notorious ransomware group known as BlackCat and Alphv has taken credit for the recently disclosed cyberattacks impacting financial giants LoanDepot and Prudential Financial. The two companies were named on the BlackCat leak website on Friday, February 16, and, based on the messages published by the hackers, both companies have refused to pay a ransom. In a post published on its leak website on Friday, the BlackCat ransomware gang claimed it still had access to Prudential systems.
The Russia-aligned threat group known as Winter Vivern was discovered exploiting cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers across Europe in October - and now its victims are coming to light. The group mainly targeted government, military, and national infrastructure in Georgia, Poland, and Ukraine, according to Recorded Future's Insikt Group report on the campaign released today.
SolarWinds has released updates for Access Rights Manager (ARM) and (Orion) Platform that fix vulnerabilities that could allow attackers to execute code on vulnerable installations. SolarWinds, the company whose Orion IT administration platform was infamously compromised in 2020 to deploy backdoors on select agencies' and companies' systems, has patched five vulnerabilities affecting its Access Rights Manager (ARM) solution.
Researchers at cybersecurity firm Group-IB have come across a new iOS trojan that is designed to help a Chinese cybercrime group obtain information needed to steal money from victims' bank accounts. The threat actor, tracked as GoldFactory, was first spotted last year and it appears to target the APAC region, with attacks likely carried out to date in Thailand and possibly Vietnam.
A coalition of major technology companies committed on Friday to limit the malicious use of deepfakes and other forms of artificial intelligence to manipulate or deceive voters in democratic elections. The AI elections accord, announced at the Munich Security Conference, outlines a series of commitments to make it harder for bad actors to use generative AI, large language models and other AI tools to deceive voters ahead of a busy election year across the globe in the coming year.
AI models, the subject of ongoing safety concerns about harmful and biased output, pose a risk beyond content emission. When wedded with tools that enable automated interaction with other systems, they can act on their own as malicious agents. Computer scientists affiliated with the University of Illinois Urbana-Champaign (UIUC) have demonstrated this by weaponizing several large language models (LLMs) to compromise vulnerable websites without human guidance.