The FBI announced on Monday that it seized the servers and websites of the Radar/Dispossessor ransomware operation following a joint international investigation. The joint operation was carried out in collaboration with the U.K.'s National Crime Agency, the Bamberg Public Prosecutor's Office, and the Bavarian State Criminal Police Office (BLKA). Law enforcement seized three U.S. servers, three U.K. servers, 18 German servers, eight U.S.-based domains, and one German-based domain.
An Arizona tech school will send letters to 208,717 current and former students, staff, and parents whose data was exposed during a January break-in that allowed an attacker to steal nearly 50 types of personal info. The East Valley Institute of Technology (EVIT) said a "cyber incident that involved unauthorized access to the network" on January 9 was the cause of the data theft.
Federal authorities and security researchers warn malicious hackers are targeting legacy Cisco Smart Install features to steal system configuration files and compromise enterprise networks. The Cybersecurity and Infrastructure Security Agency advised organizations to disable the Smart Install feature and said it continues to see enterprises using weak passwords on Cisco network devices, in an advisory released Thursday.
On Aug. 12, Ukraine's Computer Emergency Response Team (CERT-UA) discovered a mass distribution of emails carrying malicious software posing as the country's Security Service (SSU). The emails contain a link to download a file called "Document.zip" that, once clicked on, triggers the download of an MSI file. This file launches malware called ANONVNC that, when opened, allows attackers to gain unauthorized access to a victim's device.
Despite worries about criminals using prompt injection to trick large language models (LLMs) into leaking sensitive data or performing other destructive actions, most of these types of AI shenanigans come from job seekers trying to get their resumes past automated HR screeners - and people protesting generative AI for various reasons, according to Russian security biz Kaspersky.
A simple bug in the Common Log File System (CLFS) driver can instantly trigger the infamous blue screen of death on any recent version of Windows. CLFS is a user- and kernel-mode logging service that helps applications record and manage logs. It's also a popular target for hacking. While experimenting with its driver last year, a Fortra researcher discovered an improper validation of specified quantities in input data which allowed him to trigger system crashes at will.
A widespread campaign featuring a malicious installer that saddles users with difficult-to-remove malicious Chrome and Edge browser extensions has been spotted by researchers. "The trojan malware contains different deliverables ranging from simple adware extensions that hijack searches to more sophisticated malicious scripts that deliver local extensions to steal private data and execute various commands," the Reason Labs research team says.
Cybersecurity research company IOActive has disclosed the details of a new vulnerability impacting AMD processors, but the chip giant pointed out that the weakness is not easy to exploit. The vulnerability, dubbed Sinkclose and tracked as CVE-2023-31315, targets System Management Mode (SMM), a high-privilege operating mode in x86 processors used for low-level system management functions.
Nightfall AI's research revealed that secrets like passwords and API keys were most often found in GitHub, with nearly 350 total secrets exposed per 100 employees every year. What's more concerning is that 35% of all API keys discovered were still active - posing a major risk for privilege escalation attacks, data leaks, data breaches and more. Many of the secrets discovered had already been exposed for several months.
NIST has formally published three post-quantum cryptography standards from the competition it held to develop cryptography able to withstand the anticipated quantum computing decryption of current asymmetric encryption. There are no surprises - but now it is official. The three standards are ML-KEM (formerly better known as Kyber), ML-DSA (formerly better known as Dilithium), and SLH-DSA (better known as Sphincs+).