Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 10

Oct 16, 2024

23andMe agrees to $30m settlement over data breach targeting Jewish and Chinese users

Posted by in categories: biotech/medical, cybercrime/malcode, genetics

Genetic testing company settles with plaintiffs over breach that was revealed when hacker published link to database labeled ‘ashkenazi DNA Data of Celebrities’

The breach, which occurred last October, affected more than 6.9 million customers and included users’ personal details such as their location, name and birthdate, as well as some information about their family trees. That data was shared on BreachForums, an online forum used by cybercriminals.

According to court documents, the data breach was revealed October 6 after a hacker going by the pseudonym Golem, a reference to the Jewish mythical defender made of clay, published a link to a database labeled ashkenazi DNA Data of Celebrities. According to the lawsuit, the hacker referred to the list as the most valuable data you’ll ever see, though most of the names were not famous.

Oct 15, 2024

Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems

Posted by in category: cybercrime/malcode

Cybersecurity experts uncover entry-point vulnerabilities in popular developer tools, enabling stealthy supply chain attacks.

Oct 14, 2024

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Posted by in category: cybercrime/malcode

Cybercriminals exploit CVE-2024–40711 in Veeam to deploy ransomware, targeting unpatched systems and compromised VPNs.

Oct 14, 2024

GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks

Posted by in categories: cybercrime/malcode, law enforcement, robotics/AI

“This makes the scam much harder to spot, as the information provided is personally relevant to the victims, arrives via the expected communication channel, and the linked, fake websites look as expected.”

What’s more, the diversification of the victimology footprint has been complemented by improvements to the toolkit that allow the scammer groups to speed up the scam process using automated phishing page generation, improve communication with targets via interactive chatbots, protecting phishing websites against disruption by competitors, and other goals.

Telekopye’s operations have not been without their fair share of hiccups. In December 2023, law enforcement officials from Czechia and Ukraine announced the arrest of several cybercriminals who are alleged to have used the malicious Telegram bot.

Oct 12, 2024

OpenAI confirms threat actors use ChatGPT to write malware

Posted by in categories: cybercrime/malcode, robotics/AI

O.o!!!!


OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks.

The report, which focuses on operations since the beginning of the year, constitutes the first official confirmation that generative mainstream AI tools are used to enhance offensive cyber operations.

Continue reading “OpenAI confirms threat actors use ChatGPT to write malware” »

Oct 12, 2024

Thousands of Linux systems infected by stealthy malware since 2021

Posted by in category: cybercrime/malcode

The ability to remain installed and undetected makes Perfctl hard to fight.

Oct 11, 2024

New Gmail Security Alert For Billions As 7-Day AI Hack Confirmed

Posted by in categories: cybercrime/malcode, robotics/AI

Google has implemented increasingly sophisticated protections against those who would compromise your Gmail account —but hackers using AI-driven attacks are also evolving. Here’s what you need to know.

Sam Mitrovic, a Microsoft solutions consultant, has issued a warning after almost falling victim to what is described as a “super realistic AI scam call” capable of tricking even the most experienced of users.

It all started a week before Mitrovic realized the sophistication of the attack that was targeting him. “I received a notification to approve a Gmail account recovery attempt,” Mitrovic recounts in a blog post warning other Gmail users of the threat in question. The need to confirm an account recovery, or a password reset, is a notorious phishing attack methodology intended to drive the user to a fake login portal where they need to enter their credentials to report the request as not initiated by them.

Oct 11, 2024

Internet Archive data breach exposes more than 31 million user accounts: reports

Posted by in categories: cybercrime/malcode, encryption, internet

(NEXSTAR) — The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that reportedly exposed 31 million user accounts.

Founder Brewster Kahle confirmed in a post on the social media platform X that a cyberattack on Tuesday knocked the website offline. He also said that usernames, emails, and encrypted passwords had been compromised.

“Services are currently stopped to upgrade internal systems,” Kahle wrote in a Thursday update. “We are working to restore services as quickly and safely as possible. Sorry for this disruption.”

Oct 9, 2024

Internet Archive Breach Exposes 31 Million Users

Posted by in categories: cybercrime/malcode, internet, law

The hack exposed the data of 31 million users as the embattled Wayback Machine maker scrambles to stay online and contain the fallout of digital—and legal—attacks.

Oct 9, 2024

Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited

Posted by in category: cybercrime/malcode

Ivanti warns of active exploitation of three new CSA vulnerabilities, enabling hackers to bypass security measures.

Page 10 of 224First7891011121314Last