Archive for the ‘cybercrime/malcode’ category: Page 6

Nov 1, 2023

It’s Cheap to Exploit Software — and That’s a Major Security Problem

Posted by in categories: cybercrime/malcode, mobile phones

How much would it cost to hack your phone? The best guess for an iPhone is between $0 and $65,000 — and that price mainly depends on you. If you skipped a really important security update, the cost is closer to $0.

Say you were up to date. That $65,000 figure is an upper cost of exploiting the median individual — switch to an Android, a Mac, or a PC and it could get a lot lower. Apple has invested enormous resources in hardening the iPhone. The asking price for an individual exploit, rather than as a service, can go as high as $8 million. Compare that to the cost of an exploit of a PDF reader like Adobe Acrobat — notoriously riddled with security vulnerabilities — which according to this TrendMicro research report (PDF) is $250 and up.

Switch from targeting a specific person to targeting any of the thousands of people at a large company and there are myriad ways in. An attacker only needs to find the cheapest one.

Oct 31, 2023

Google Chrome now auto-upgrades to secure connections for all users

Posted by in categories: cybercrime/malcode, encryption, internet

Google has taken a significant step towards enhancing Chrome internet security by automatically upgrading insecure HTTP requests to HTTPS requests for 100% of users.

This feature is called HTTPS-Upgrades and will secure old links that utilize the http:// by automatically attempting to first connect to the URL over the encrypted https:// protocol.

A limited rollout of this feature in Google Chrome began in July, but as of October 16th, Google has now rolled it out to all users on the Stable channel.

Oct 31, 2023

Boeing Breached by Ransomware, LockBit Gang Claims

Posted by in category: cybercrime/malcode

https://informatech.co/3QEBncW by.

In a post on its leak site, prolific ransomware threat group LockBit claims that it breached Boeing, and said that it will start releasing sensitive data it purportedly stole from the company’s systems if ransom demands aren’t met by Nov. 2.

“A tremendous amount of sensitive data was exfiltrated and ready to be published if Boeing do (sic) not contact within deadline!” the LockBit post shared by cybersecurity analyst Dominic Alvieri read. “For now we will not send lists or samples to protect the company BUT we will not keep it like that until the deadline.”

Continue reading “Boeing Breached by Ransomware, LockBit Gang Claims” »

Oct 30, 2023

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

Posted by in category: cybercrime/malcode

🚨 ExelaStealer, a dangerous info-stealing malware, has hit the scene, offering hackers a low-cost entry point for malicious attacks.

Learn more in this article:

Researchers warn of ExelaStealer, a new information stealer targeting Windows systems. It steals sensitive data like passwords, credit card numbers.

Oct 30, 2023

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware

Posted by in category: cybercrime/malcode

🔒 Beware! A new cyber threat is using bogus MSIX Windows app packages for popular software like Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex to spread a dangerous malware called GHOSTPULSE.

Learn more ➜.

Cyber criminals are using fake MSIX Windows app packages of popular software to deliver GHOSTPULSE malware loader.

Oct 29, 2023

OpenAI forms new team to assess “catastrophic risks” of AI

Posted by in categories: biological, chemistry, cybercrime/malcode, robotics/AI

OpenAI’s new preparedness team will address the potential dangers associated with AI, including nuclear threats.

OpenAI is forming a new team to mitigate the “catastrophic risks” associated with AI. In an update on Thursday.

The team will also work to mitigate “chemical, biological, and radiological threats,” as well as “autonomous replication,” or the act of an AI replicating itself. Some other risks that the preparedness team will address include AI’s ability to trick humans, as well as cybersecurity threats.

Continue reading “OpenAI forms new team to assess ‘catastrophic risks’ of AI” »

Oct 27, 2023

China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

Posted by in categories: cybercrime/malcode, government

How safe are our routers? Japan & U.S. cybersecurity agencies have flagged a major threat in the form of China’s BlackTech group.

Learn more about the threat:

BlackTech, a notorious state-backed hackers from China, are using router backdoors to quietly to breach government, tech, and media sectors in the U.S.

Oct 27, 2023

ChatGPT-like AI can be tricked to produce malicious code, cyber attacks

Posted by in categories: cybercrime/malcode, robotics/AI

Researchers demonstrate how Text-to-SQL systems can lead to cyber attacks.

A team of researchers from the University of Sheffield has demonstrated that popular artificial intelligence applications like OpenAI’s ChatGPT, among five others, can be manipulated to produce potentially harmful Structured Query Language (SQL) commands and can be exploited to attack computer systems in the real world.

The applications they used in their study included BAIDU-UNIT, ChatGPT, AI2SQL, AIHELPERBOT, Text2SQL, and ToolSKE.

Oct 26, 2023

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

Posted by in categories: cybercrime/malcode, finance

Microsoft warns of Scattered Spider, a financially motivated hacking crew that infiltrates firms worldwide using SMS phishing, SIM swapping, and by posing as new employees, leading to data breaches and takeovers.

Find out more:

The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world.

Continue reading “Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware” »

Oct 26, 2023

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

Posted by in category: cybercrime/malcode

⚠️ ALERT: AvosLocker #ransomware targets US critical infrastructure. Recent joint advisory from CISA and FBI exposes their tactics — using open-source tools and stealthy techniques to compromise networks.

Read more 👉 https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.htm

The FBI and CISA issue advisory on AvosLocker ransomware gang. They use open-source tools, leave minimal traces.

Page 6 of 194First345678910Last