Clop was responsible for one-third of all ransomware attacks in July, positioning the financially motivated threat actor to become the most prolific ransomware threat actor this summer, according to multiple threat intelligence reports. Clop's mass exploitation of a zero-day vulnerability in the MOVEit file transfer service rapidly catapulted the group to the head of the global ransomware threat actor pack.
The scraped data of 2.6 million Duolingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information. Duolingo is one of the largest language learning sites in the world, with over 74 million monthly users worldwide. In January 2023, someone was selling the scraped data of 2.6 million Duolingo users on the now-shutdown Breached hacking forum for $1,500.
CloudNordic has told customers to consider all of their data lost following a ransomware infection that encrypted the large Danish cloud provider's servers and "paralyzed CloudNordic completely," according to the IT outfit's online confession. The intrusion happened in the early-morning hours of August 18, during which miscreants shut down all of CloudNordic's systems, wiping both company and customers' websites and email systems.
CISA has added a vulnerability with a CVSS score of 9.8, cataloged as CVE-2023-26359, to the Known Exploited Vulnerabilities Catalog due to active exploitation. The vulnerability is a deserialization flaw affecting Adobe ColdFusion 2018 (Update 15 and earlier) and Adobe ColdFusion 2021 (Update 5 and earlier) and has the potential to result in arbitrary code execution.
Google this week announced a Chrome 116 security update that patches five memory safety vulnerabilities reported by external researchers, including four issues rated 'high severity'. Based on the bug bounty reward Google paid out for these flaws, the most severe of them is CVE-2023-4430, a use-after-free bug in Vulkan, the cross-platform, open standard for 3D graphics.
There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data. Akira ransomware is a relatively new ransomware operation launched in March 2023, with the group later adding a Linux encryptor to target VMware ESXi virtual machines. Cisco VPN solutions are widely adopted across many industries to provide secure, encrypted data transmission between users and corporate networks.
Zoom updated its terms and conditions - again - on Friday following persistent criticism related to language that allowed the company to use customer data to train its AI systems. The latest iteration of the terms allows Zoom to access customer content for legal, security and safety purposes, but the company will not use any audio, video, chat or screen-sharing data to train third-party or its internal AI models.
In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.
The chief technology officer of a robotics startup told me earlier this year, "We thought we'd have to do a lot of work to build 'ChatGPT for robotics.' Instead, it turns out that, in a lot of cases, ChatGPT is ChatGPT for robotics." Until recently, AI models were specialized tools. Using AI in a particular area, like robotics, meant spending time and money creating AI models specifically and only for that area.