Lifeboat Foundation

Chinese hackers could also attack the networks of companies that provide services to the military or to critical infrastructure operators, holding their systems hostage for ransom payments.

“If you get the right supply chain, it can have a lot of effects against a lot of targets,” said John Hultquist, head of Mandiant Intelligence Analysis at Google Cloud.

Continue reading “What it will look like if China launches cyberattacks in the U.S.” »

Trained across security and networking disciplines and armed with trillions of data signals, Security Copilot dramatically increases the reach, speed and effectiveness of any security team

REDMOND, Wash. — March 28, 2023 — Microsoft Corp. on Tuesday announced it is bringing the next generation of AI to cybersecurity with the launch of Microsoft Security Copilot, giving defenders a much-needed tool to quickly detect and respond to threats and better understand the threat landscape overall. Security Copilot will combine Microsoft’s vast threat intelligence footprint with industry-leading expertise to augment the work of security professionals through an easy-to-use AI assistant.

“Today the odds remain stacked against cybersecurity professionals. Too often, they fight an asymmetric battle against relentless and sophisticated attackers,” said Vasu Jakkal, corporate vice president, Microsoft Security. “With Security Copilot, we are shifting the balance of power into our favor. Security Copilot is the first and only generative AI security product enabling defenders to move at the speed and scale of AI.”

A new Android malware named ‘Goldoson’ has infiltrated the platform’s official app store, Google Play, through 60 apps that collectively have 100 million downloads.

Researchers in the United States have developed a new ultrasonic acoustic attack that can covertly give hackers remote access to many smart devices by turning the device’s microphone and voice assistant against them.

The attack works by using ultrasonic acoustic signals that are inaudible to humans but can be picked up by voice assistants on smart devices, a type of cyberattack commonly referred to as a “SurfingAttack” or “ DolphinAttack.”

With a SurfingAttack, a hacker can modulate voice commands into silent, near-ultrasonic signals, allowing them to issue commands to a smart device, all while a user is blissfully unaware their device has been hijacked.

In this weeks episode of Minutes With we sat down with Mustafa Al-Bassam, a former member of Anonymous and one of the founders of LulzSec.

Mustafa tells us how he got in to hacking and how he ended up getting involved in attacks on The Sun, The Westboro Baptist Church and even the US Government.

Continue reading “How I Hacked The US Government Aged 16 | Minutes With | @LADbible” »

The travel and tourism sector has become a prime focus for cyberattacks in recent times, resulting in ransomware incidents arising from data breaches. Against this backdrop, cybersecurity concerns within the industry have escalated with a 4 pc year-on-year (YoY) rise in 2022, reflecting the prevailing sentiment, says GlobalData, a leading data and analytics company.

In its report, Company Filing Analytics Database, GlobalData says that sentiment for airlines, travel services, and lodging rose by 6 pc, 4 pc, and 1 pc, respectively, in 2022 over 2021.

“Companies are consistently working on information and network security projects to set up a reliable technical protection and security management mechanism to ensure customer security and prevent data leakage. A severe data security incident can lead to operational disturbances and cause significant financial damage to the business,” says Misa Singh, Business Fundamentals Analyst at GlobalData.

Online romance fraud is an increasingly common phenomenon, which can affect people of all ages worldwide. This type of fraud occurs when a malicious individual or members of a criminal organization engage with users online pretending to be romantically interested in them, while trying to trick them into sending money or sharing confidential information with them.

Online romance scams can have a detrimental effect on a victim’s life, causing them to spend all their savings, become indebted, and even be subjected to blackmail or identity theft. A team of researchers at Abertay University in the U.K. recently reviewed existing literature focusing on romance fraud and then summarized some of the most recurring findings in a paper pre-published on arXiv.

“Romance fraud has been growing over the last decade or so and was exacerbated by the COVID-19 pandemic which saw a surge in cybercrime and cyberattacks,” Dr. Lynsay Shepherd, one of the researchers who carried out the study, told Tech Xplore. “Our paper provides a comprehensive overview of romance fraud research, which could serve as a starting point for future research in the field.”

The company is offering rewards ‘for exceptional discoveries’.

OpenAI, the creator of conversational chatbot ChatGPT, has announced a Bug Bounty program where users can report “vulnerabilities, bugs, or security flaws” and be financially rewarded for finding them. The company has announced rewards ranging from $200 to $20,000 depending on the severity of the flaw and teamed up with a popular bug-finding platform to streamline the process.

OpenAI’s ChatGPT has ushered in a race for artificial intelligence (AI) models that provide comprehensive solutions to user queries and can even simulate intriguing imagery with the help of a few text prompts.

Continue reading “OpenAI launches $20k Bug Bounty Program to make its products safer” »

Malicious loader programs capable of trojanizing Android applications are being traded on the criminal underground for up to $20,000 as a way to evade Google Play Store defenses.

“The most popular application categories to hide malware and unwanted software include cryptocurrency trackers, financial apps, QR-code scanners, and even dating apps,” Kaspersky said in a new report based on messages posted on online forums between 2019 and 2023.

Dropper apps are the primary means for threat actors looking to sneak malware via the Google Play Store. Such apps often masquerade as seemingly innocuous apps, with malicious updates introduced upon clearing the review process and the applications have amassed a significant user base.