<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

IT Security Newsletter - 3/14/2024

SHARE

Breaches

Leak of Acer Philippines employee database appears on hacking forum

The Philippines division of Taiwanese tech firm Acer has confirmed that information related to its employees has been leaked after a third-party vendor suffered a security breach. An attacker called "ph1ns" posted a link on a hacking forum to a stolen database containing employee attendance data from Acer Philippines. The database reportedly included workers' names, usernames, passwords, roles, departments, employer's name, birthdates, mobile numbers, and email addresses. READ MORE...


Nissan Data Breach Affects 100,000 Individuals

Nissan Oceania is notifying roughly 100,000 individuals of a data breach resulting from a ransomware attack conducted by a known cybercrime group in late 2023. The carmaker said it detected an intrusion on December 5, 2023, and informed customers about a disruptive cyber incident the same day. The attack impacted Nissan Motor Corporation and Nissan Financial Services in Australia and New Zealand. READ MORE...


French unemployment agency data breach impacts 43 million people

France Travail, formerly known as Pôle Emploi, is warning that hackers breached its systems and may leak or exploit personal details of an estimated 43 million individuals. France Travail is the French governmental agency responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs. Yesterday, the agency disclosed that hackers stole details belonging to job seekers registered with the agency in a cyberattack between February 6 and March 5. READ MORE...

Malware

Hackers exploit Windows SmartScreen flaw to drop DarkGate malware

A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. SmartScreen is a Windows security feature that displays a warning when users attempt to run unrecognized or suspicious files downloaded from the internet. The flaw is a Windows Defender SmartScreen flaw that allows specially crafted downloaded files to bypass these security warnings. READ MORE...

Information Security

What happens when ChatGPT tries to solve 50,000 trolley problems?

There's a puppy on the road. The car is going too fast to stop in time, but swerving means the car will hit an old man on the sidewalk instead. What choice would you make? Perhaps more importantly, what choice would ChatGPT make? Autonomous driving startups are now experimenting with AI chatbot assistants, including one self-driving system that will use one to explain its driving decisions. Beyond announcing red lights and turn signals, these chatbots may ultimately need to make moral decisions. READ MORE...

Exploits/Vulnerabilities

Hackers can read private AI assistant chats even though they're encrypted

AI assistants have been widely available for a little more than a year, and they already have access to our most private thoughts and business secrets. People ask them about becoming pregnant or terminating or preventing pregnancy, consult them when considering a divorce, seek information about drug addiction, or ask for edits in emails containing proprietary trade secrets. READ MORE...


Patch Now: Kubernetes RCE Flaw Allows Full Takeover of Windows Nodes

A security bug in the widely used Kubernetes container-management system allows attackers to remotely execute code with System privileges on Windows endpoints, potentially leading to full takeover of all Windows nodes within a Kubernetes cluster. Akamai security researcher Tomer Peled discovered the flaw. Exploitation lies in manipulating Kubernetes volumes, a feature aimed at supporting the sharing of data between pods on a cluster, or storing it persistently outside of a pod's lifecycle. READ MORE...

On This Date

  • ...in 1879, theoretical physicist Albert Einstein, responsible for the Theory of Relativity, is born in Ulm, Germany.
  • ...in 1923, American photographer Diane Arbus, known for her images of ordinary people and outsiders, is born in New York City.
  • ...in 1994, version 1.0.0 of the Linux kernel is released by Linus Torvalds and other various contributors.
  • ...in 2009, the first officially-recognized National Pi Day was celebrated in honor of the indispensable mathematical constant.