Ethical hacker Alexander Hagenah has created TotalRecall, a tool that demonstrates how malicious individuals could abuse Windows' newly announced Recall feature to steal sensitive information. On May 20, Microsoft announced a new line of Windows 11-powered PCs called Copilot+. Among its previewed features was Recall, which was immediately viewed with suspicion by security professionals and privacy-minded users. READ MORE...
Several London hospitals said Tuesday that they had to cancel operations and send patients away because of a cyberattack on a company that supplies pathology laboratory services. The firm, Synnovis, said it had been hit with a ransomware attack. Chief Executive Mark Dollar said the attack "has affected all Synnovis IT systems, resulting in interruptions to many of our pathology services." READ MORE...
A massive data breach at Ticketmaster and another one at Santander Bank last month may have both resulted from a fundamental failure by the companies to properly secure access to the data on a third-party cloud storage service. The incidents are the latest reminder of why organizations storing sensitive data in the cloud need to implement multifactor authentication (MFA), IP restrictions, and other mechanisms to protect access to it. READ MORE...
A threat actor is attempting to deploy the Cobalt Strike post-exploit toolkit on Windows systems belonging to users in Ukraine. The focus of the campaign appears to be to gain complete remote control of targeted systems for future payload deployment and potentially other malicious purposes, researchers at Fortinet said in a blog post this week. The security vendor described the threat actor as using a Ukrainian-themed Excel file with an embedded macro as an initial lure. READ MORE...
Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media platform's direct messages feature. Zero-day vulnerabilities are security flaws with no official patch or public information detailing the underlying weakness. After being compromised, user accounts belonging to Sony, CNN, and Paris Hilton had to be taken down to prevent abuse. READ MORE...
Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evolved from the currently defunct Knight ransomware project. RansomHub has a short history and operated mainly as a data theft and extortion group that sells stolen files to the highest bidder. The gang grabbed attention in mid-April when it leaked stolen data from United Health subsidiary Change Healthcare following a BlackCat/ALPHV attack, suggesting some form of collaboration. READ MORE...
Last month, we looked into some of the most incorrect, dangerous, and downright weird answers generated by Google's new AI Overviews feature. Since then, Google has offered a partial apology/explanation for generating those kinds of results and has reportedly rolled back the feature's rollout for at least some types of queries. But the more I've thought about that rollout, the more I've begun to question the wisdom of Google's AI-powered search results in the first place. READ MORE...
Taiwan-based networking device manufacturer Zyxel on Tuesday warned of three critical-severity vulnerabilities in two discontinued NAS products that could lead to command injection and arbitrary code execution. Tracked as CVE-2024-29972 and CVE-2024-29973, the first two flaws are command injection bugs that can be exploited without authentication, via crafted HTTP POST requests. READ MORE...