Breaking (Cyber) News
Keep abreast of breaking cyber security news and evolution in the cyber threat landscape
The Hacker News
- This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android AppsA Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"
- Offensive AI: The Sine Qua Non of Cybersecurity"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, […]
- U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on HospitalsThe U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed
Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy | CSO Online
- Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardySecurity researchers warn that some PC and server manufacturers are using insecure cryptographic keys as the root of trust for Secure Boot, an important security feature in modern computers that prevents malware from injecting itself early into the boot process. One of those keys has been leaked accidentally, potentially breaking Secure Boot guarantees for hundreds […]
- Counting the cost of CrowdStrike: the bug that bit billionsAs eye-popping estimates emerge for the cost to enterprises of dealing with aftermath of last week’s CrowdStrike-induced outages, it’s crucial to break down the sources of these expenses and understand how much of the financial burden will be absorbed by cyber insurance. Parametrix, known for its cloud monitoring and insurance solutions, has pegged the total […]
- Download the unified endpoint management (UEM) platform enterprise buyer’s guideFrom the editors of our sister publication Computerworld, this enterprise buyer’s guide helps IT staff understand what the various unified endpoint management (UEM) platforms can do for their organizations and how to choose the right solution.
darkreading
- China-Backed Phishing Attack Targets India Postal System UsersA large text-message phishing attack campaign attributed to the China-based Smishing Triad employs malicious iMessages.
- Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass IssueSeveral vendors for consumer and enterprise PCs share a compromised crypto key that should never have been on the devices in the first place.
- CrowdStrike Outage Losses Estimated at a Staggering $5.4BResearchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.
Sophos News
- Sophos MDR for Microsoft Defender: Gaining momentum with Microsoft-specific service enhancementsSophos Managed Detection and Response (MDR) delivers robust defenses and maximizes your Microsoft technology investments.
- Unlocking cyber insurance savings to fund MDRRedirecting risk reduction spend from cyber insurance to MDR services is a win-win, resulting in better protection and lower cost coverage.
- Sophos Firewall v20 MR2 is now availableSophos Firewall OS v20 MR2 is a free upgrade for all licensed Sophos Firewall customers.
GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
- OpenAI Launches SearchGPT PrototypeSan Francisco, CA – OpenAI has announced the launch of SearchGPT, a groundbreaking prototype designed to revolutionize how users search for information online. This innovative tool combines the advanced capabilities of OpenAI’s AI models with real-time web data to provide users with fast, accurate, and timely answers. Initially, SearchGPT will be available to a select […]
- Play & LockBit Ransomware Join Hands to Launch Cyber AttacksPlay Ransomware and LockBit Ransomware have reportedly allied to enhance their capabilities in launching cyber attacks. This collaboration, which involves a significant financial transaction and training exchange, has raised alarms among cybersecurity experts and organizations worldwide. Financial Transaction and Training Exchange According to a tweet from Daily Dark Web, Play Ransomware has agreed to pay […]
- Threat Actors Claiming Leak of IOC list with 250M Data, CrowdStrike RespondedA hacktivist entity known as USDoD has asserted that it has leaked CrowdStrike’s “entire threat actor list” and claims to possess the company’s “entire IOC [indicators of compromise] list,” which purportedly contains over 250 million data points. Details of the Alleged Leak On July 24, 2024, the USDoD group announced an English-language cybercrime forum, stating […]