NY Business Council discloses data breach affecting 47,000 people
The Business Council of New York State (BCNYS) has revealed that attackers who breached its network in February stole the personal, financial, and health information of over 47,000 individuals. As the state's largest statewide employer association, BCNYS represents over 3,000 member organizations, including chambers of commerce, professional and trade associations, and other local and regional business organizations. READ MORE...
Gambling Tech Firm Bragg Discloses Cyberattack
Gaming content and technology giant Bragg Gaming Group over the weekend fell victim to a cyberattack impacting its internal systems. The incident, the gambling solutions provider announced on Monday, occurred early Sunday morning, but did not impact its operations. "Based on preliminary investigations, the company believes that the data breach was limited to Bragg's internal computer environment," Bragg said. READ MORE...
'DripDropper' Hackers Patch Their Own Exploit
An attacker is exploiting a nearly 2-year-old vulnerability in Apache ActiveMQ to compromise Linux servers and install malicious software on them. The attacker then discreetly fixes the same security flaw they used for initial access. The tactic is both an attempt to mask how they are breaking into the systems in the first place and also to prevent other threat actors from using the same flaw to get in. READ MORE...
Noodlophile Stealer Hides Behind Bogus Copyright Complaints
A new threat campaign uses corporate social media accounts as a pretense to target enterprises with sophisticated spear-phishing lures. Research released by Morphisec today detailed the latest happenings surrounding Noodlophile, a sophisticated infostealing campaign. In May, Morphisec researchers shared how threat actors spread the malware through fake landing pages for AI tools, but it seems Noodlophile has switched up its game to some extent. READ MORE...
Investors beware: AI-powered financial scams swamp social media
As economic uncertainty and persistent inflation are eroding our pay checks and imperilling our pensions, it's not surprising that many of us are looking to make our money go a bit further. Unfortunately, scammers are preying on this need with increasingly sophisticated schemes on social media. Could you tell the difference between a real and a fake investment ad? It's getting increasingly difficult to do so. READ MORE...
New NIST guide explains how to detect morphed images
Face morphing software can blend two people's photos into one image, making it possible for someone to fool identity checks at buildings, airports, borders, and other secure places. These morphed images can trick face recognition systems into linking the photo to both people, allowing one person to pass as the other. This kind of software is easy to get. A morph can be made with phone apps, desktop graphics programs, or AI tools. READ MORE...
The humble printer highlights overlooked security flaws
The humble printer, once a buzzing hive of enterprise activity, was largely eclipsed by electronic document management years ago. Yet the oft-overlooked office workhorse retains a foothold in the modern IT estate, posing potential security risks for lax organizations. "Printers are no longer just harmless office fixtures - they're smart, connected devices storing sensitive data," Steve Inch, global senior print security strategist at HP Inc., said in a press release. READ MORE...
Novel 5G Attack Bypasses Need for Malicious Base Station
A team of researchers from the Singapore University of Technology and Design has disclosed the details of a new 5G attack that does not require the use of a malicious base station. As part of the project, the researchers have released a framework named Sni5Gect that can be used to sniff messages and perform message injection in 5G communications. The attack targets the 5G New Radio (NR) radio access technology that powers 5G networks. READ MORE...
How to spot the latest fake Gmail security alerts
Security alerts from tech companies are supposed to warn us when something might be amiss-but what if the alerts themselves are the risk? Scammers have long impersonated tech companies' security and support staff as a way to sniff out users' login credentials, and reports suggest that they're doing it again, at scale. The attack goes like this: Victims get an email or phone call allegedly from Google support that warns someone has tried to hack their account. READ MORE...
- ...in 1871, engineer and aviation pioneer Orville Wright, co-inventor of the first successful motorized airplane, is born in Dayton, OH.
- ...in 1906, early TV pioneer Philo Farnsworth, inventor of the first electronic television system, is born in Beaver, UT.
- ...in 1960, Chubby Checker performs "The Twist" on Dick Clark's weekly variety show, inspiring a worldwide dance craze.
- ...in 2004, Google Inc. holds its initial public offering of stock on NASDAQ at $85 per share.
