Kategorie

Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more," according to the project's Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comMachine Learning / Email Security37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage the third-party risks associated with SaaS, but first...  What exactly isThe Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comSaaS Security / Risk Management37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and its general population is isolated from the rest of the world, the regime's Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCryptocurrency / Cyberattacks37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention in recent years due to its ability to generate realistic and diverse outputs. When it comes to security operations, Generative AI can play The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comGenerative AI / Threat Intelligence37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

A CACTUS ransomware campaign has been observed exploiting recently disclosed security flaws in a cloud analytics and business intelligence platform called Qlik Sense to obtain a foothold into targeted environments. "This campaign marks the first documented instance [...] where threat actors deploying CACTUS ransomware have exploited vulnerabilities in Qlik Sense for initial access," Arctic Wolf Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comRansomware / Vulnerability37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

The U.S. Treasury Department on Wednesday imposed sanctions against Sinbad, a virtual currency mixer that has been put to use by the North Korea-linked Lazarus Group to launder ill-gotten proceeds. "Sinbad has processed millions of dollars' worth of virtual currency from Lazarus Group heists, including the Horizon Bridge and Axie Infinity heists," the department said. "Sinbad is also used by Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comHacking / Cryptocurrency37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known as Cyber Av3ngers. "Cyber threat Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Attack / Hacking37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out phishing attacks against the targeted financial institutions. Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comMobile Security / Malware37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats.  To learn more, download the full report here. The New Paradigm If you’ve been relyingThe Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comProactive vs. Antivirus37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Identity services provider Okta has disclosed that it detected "additional threat actor activity" in connection with the October 2023 breach of its support case management system. "The threat actor downloaded the names and email addresses of all Okta customer support system users," the company said in a statement shared with The Hacker News. "All Okta Workforce Identity Cloud (WIC) and Customer Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Attack / Data Breach37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

A variant of a ransomware strain known as DJVU has been observed to be distributed in the form of cracked software. "While this attack pattern is not new, incidents involving a DJVU variant that appends the .xaro extension to affected files and demanding ransom for a decryptor have been observed infecting systems alongside a host of various commodity loaders and infostealers," Cybereason Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comRansomware / Cyber Threat37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that's capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS score: 10.0) that has been Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comMalware / Threat Intelligence37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D graphics library. Benoît Sevens and Clément Lecigne of Google's Threat Analysis Group (TAG) have been Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comZero-Day / Web Browser37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM (Data Security Posture Management) emerges as a comprehensive solution, offering continuous discovery and accurate classification of sensitive data in the cloud. The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comData Security / Posture Management37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "Such exploitation could result in theft of emails from Gmail, data exfiltration from Google Drive, or other Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comData Security / Data Breach37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization’s entire network at risk. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022. Forty-nine The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comCybercrime / Breach Prevention37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of the 32-year-old ringleader," Europol said in a statement today. "Four of the ringleader's most active accomplices wereNewsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comRansomware / Cybercrime37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Identity and Access Management (IAM) systems are a staple to ensure only authorized individuals or entities have access to specific resources in order to protect sensitive information and secure business assets. But did you know that today over 80% of attacks now involve identity, compromised credentials or bypassing the authentication mechanism? Recent breaches at MGM and Caesars have The Hacker Newshttp://www.blogger.com/profile/16801458706306167627noreply@blogger.comThreat Detection / Insider Threat37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comCyber Attack / Vulnerability37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641

The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity firm SentinelOne, which also tied a third macOS-specific malware called ObjCShellz to the RustBucket campaign. Newsroomhttp://www.blogger.com/profile/09767675513435997467noreply@blogger.comMalware / Cyber Espionage37.09024 -95.7128918.780006163821156 -130.869141 65.400473836178847 -60.556641