Executives, researchers and engineers at big tech companies and startups alike working on artificial intelligence face a growing threat from criminal and nation-state hackers looking to pilfer intellectual property or data that underlies powerful chatbots, the FBI warned on Friday. The growing risk coincides with increasing availability of AI tools and services to the general public in the form of products such as OpenAI's ChatGPT or Google's Bard.
The website of Israel's largest oil refinery operator, BAZAN Group, is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems. The Haifa Bay-based BAZAN Group, formerly Oil Refineries Ltd., generates over $13.5 billion in annual revenue and employs more than 1,800 people. The company boasts a total oil refining capacity of about 9.8 million tons of crude oil per year.
A Korean-language malware campaign known as Stark#Mule is targeting victims using US military recruiting documents as lures, then running malware staged from legitimate but compromised Korean e-commerce websites. Security firm Securonix discovered the Stark#Mule attack campaign, which it said allows threat actors to disguise themselves amid normal website traffic. The campaign seems to target Korean-speaking victims in South Korea, indicating a possible attack origin from neighboring North Korea.
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. More specifically, Google's report highlights the problem of n-days in Android functioning as 0-days for threat actors. The problem stems from the complexity of the Android ecosystem, involving several steps between Google and the phone manufacturers.
Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens. The malware, dubbed CherryBlos by researchers from security firm Trend Micro, has been embedded into at least four Android apps available outside of Google Play, specifically on sites promoting money-making scams. One of the apps was available for close to a month on Google Play but didn't contain the malicious CherryBlos payload.
Valid account credentials are at the root of most successful threat actor intrusions of critical infrastructure networks and state and local agencies, according to the Cybersecurity and Infrastructure Security Agency. Valid credential compromise combined with spear-phishing attacks accounted for nearly 90% of infiltrations last year. Valid accounts, including former employee accounts not removed from the Active Directory and default administrator credentials.
Ivanti has warned customers about a second zero-day vulnerability in its Endpoint Manager Mobile (EPMM) product that has been exploited in targeted attacks. Norwegian authorities announced on July 24 that a dozen government ministries had been targeted in a cyberattack involving exploitation of CVE-2023-35078, an Ivanti EPMM zero-day that allows an unauthenticated attacker to obtain sensitive information and make changes to impacted servers.
Personal, financial, and health information belonging to millions of folks has been stolen via a particular class of website vulnerability, say cybersecurity agencies in the US and Australia. They're urging developers to review their code and squish these bugs for good. The flaws are known as insecure direct object references, or IDORs. They essentially occur when a web app or a web API backend doesn't properly check that a user is actually allowed to access some info.