RSS Aggregator

CISA Adds New Chromium Zero-Day Bug to its Known Exploited Vulnerability Catalog

LinuxSecurity.com - 11 July 2024 - 13:00
Google has released fixes for a high-severity Chromium security flaw (CVE-2024-5274) impacting its widely used Chrome browser and other Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi. CISA has added this type confusion bug, which is being exploited in the wild, to its Known Exploited Vulnerabilities Catalog. CISA has stated, "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," underscoring the significance of this flaw for impacted organizations.
Category: Hacking & Security

Streamlined Security Solutions: PAM for Small to Medium-sized Businesses

The Hacker News - 11 July 2024 - 13:00
Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit
Category: Hacking & Security

Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems

LinuxSecurity.com - 11 July 2024 - 13:00
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug (CVE-2024-1086) to its Known Exploited Vulnerabilities (KEV) catalog. The bug is being actively exploited in the wild, and federal organizations were given a deadline of June 20th to patch it, with the recommendation that private organizations follow suit.
Category: Hacking & Security

Privacy expert put away for 9 years after 'grotesque' cyberstalking campaign

The Register - Anti-Virus - 11 July 2024 - 12:29
Scumbag targeted many victims – and those who tried to help them

A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a "grotesque" cyberstalking campaign against more than a dozen victims.…

Category: Viruses & Worms

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

The Hacker News - 11 July 2024 - 12:12
Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis,
Category: Hacking & Security

When spear phishing met mass phishing

Kaspersky Securelist - 11 July 2024 - 12:00

Introduction

Bulk phishing email campaigns tend to target large audiences. They use catch-all wordings and simplistic formatting, and typos are not uncommon. Targeted attacks take greater effort, with attackers sending personalized messages that include personal details and might look more like something you’d get from your employer or a customer. Adopting that approach on a larger scale is a pricey endeavor. Yet, certain elements of spear phishing recently started to be used in regular mass phishing campaigns. This story looks at some real-life examples that illustrate the trend.

Spear phishing vs. mass phishing

Spear phishing is a type of attack that targets a specific individual or small group. Phishing emails like that contain information about the victim and copy, both textually and visually, the style of the company they pretend to be from. They are not easy to see for what they are: the attackers avoid errors in technical headers and stay away from infrastructure that would get them blocked, such as open email relays or bulletproof hosting providers that appear on DNS-based blocklists (DNSBLs).

By contrast, mass phishing campaigns are designed for a large number of recipients: the messages are generalized in nature, they are not addressed to a specific user and do not feature the name of the addressee’s company or any other personalized details. Typos, mistakes and poor design are all common. Today’s AI-powered editing tools help attackers write better, but the text and formatting found in bulk email is still occasionally substandard. There is no structure to who gets targeted: attackers run their campaigns across entire databases of email addresses available to them. It’s a one-size-fits-all message inside: corporate discounts, security alerts from popular services, issues with signing in and the like.

Attacks evolving: real-life examples

Unlike other types of email phishing, spear phishing was never a tool for mass attacks. However, as we researched user requests in late 2023, we spotted an anomaly in how detections were distributed statistically. A lot of the emails we found were impossible to pigeonhole as either targeted or mass-oriented: they had a quality design, personalized details of the targeted company and styling that imitated HR notifications. Still, the campaigns were too aggressive and sent at too large a scale to qualify as spear phishing.

An HR phishing email message: the body references the company, the recipient is addressed by their name, and the content is specialized enough so as to feel normal to a vigilant user

Besides, the message linked to a typical fake Outlook sign-in form. The form was not customized to reflect the target company’s style – a sure sign of bulk phishing.

The phishing sign-in form that opened when the user clicked the link in the email

Another similar campaign uses so-called ghost spoofing: the attacker places a real corporate email address in the sender's display name, but does not hide or modify the actual address and domain the message is sent from. The technique sees increasing use in targeted attacks, but it's overkill for mass phishing.

An HR phishing email message that uses ghost spoofing: the sender’s name contains the HR team’s email address, lending an air of authenticity to the email

As in the previous example, the phishing link in the email doesn’t have any unique features that a spear phishing link would. The sign-in form that opens contains no personalized details, while the design looks exactly like many other forms of this kind. It is hosted on an IPFS service like those often used in mass attacks.

The IPFS phishing sign-in form

Statistics

The number of mixed phishing emails, March-May, 2024

We detected a substantial increase in the number of those mixed attacks in March through May 2024. First and foremost, this is a sign that tools used by attackers are growing in complexity and sophistication. Today’s technology lowers the cost of launching personalized attacks at scale. AI-powered tools can style the email body as an official HR request, fix typos and create a clean design. We have also observed a proliferation of third-party spear phishing services. This calls for increased vigilance on the part of users and more robust corporate security infrastructure.

Takeaways

Attackers are increasingly adopting spear phishing methods and technology in their bulk phishing campaigns: emails they send are growing more personalized, and the range of their spoofing technologies and tactics is expanding. These are still mass email campaigns and as such present a potential threat. This calls for safeguards that keep up with the pace of advances in technology while combining sets of methods and services to combat each type of phishing.

To fend off email attacks that combine spear and mass phishing elements:

  • Pay attention to the sender's display name and to the actual email address and domain the message comes from: in an official corporate email, these must match.
  • If something smells phishy, ask the sender to clarify, but don’t just reply to the email: use a different communication channel.
  • Hold regular awareness sessions for your team to educate them about email phishing.
  • Use advanced security solutions that incorporate anti-spam filtering and protection.
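The ghost spoofing tell described above (a corporate address planted in the display name while the real From domain is something else), the IPFS-hosted sign-in form, and the first takeaway (display name and actual sender domain must agree) can all be checked mechanically at the mail gateway. The following is an added example written for this page, not code from Kaspersky; the two sample messages, the `CORPORATE_DOMAINS` set and all hostnames are constructed for the illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not taken from the Securelist post).
# The first imitates the ghost-spoofed HR lure: the display name carries a
# plausible corporate address, the real From address is on an unrelated
# domain, and the link points at an IPFS gateway.
GHOST_SPOOFED = """\
From: "hr-team@example-corp.com" <noreply@mail-notify.example.net>
To: jane.doe@example-corp.com
Subject: Updated leave policy: acknowledgement required
Content-Type: text/plain; charset=utf-8

Hello Jane, please sign in and confirm at
https://ipfs-gw.example.net/ipfs/QmExampleCid/outlook/index.html
"""

# A benign internal notification for comparison.
LEGIT = """\
From: HR Team <hr-team@example-corp.com>
To: jane.doe@example-corp.com
Subject: Updated leave policy
Content-Type: text/plain; charset=utf-8

Hello Jane, the updated policy is on the intranet at
https://intranet.example-corp.com/hr/policy
"""

# Assumption for this example: the domains the protected organisation owns.
CORPORATE_DOMAINS = {"example-corp.com"}

ADDR_IN_NAME = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
URL = re.compile(r"https?://[^\s<>'\"]+", re.I)


def domain_of(addr: str) -> str:
    """Lower-cased part after the last '@' ('' if there is none)."""
    return addr.rpartition("@")[2].lower()


def url_host(url: str) -> str:
    """Hostname of an http(s) URL without scheme, path or port."""
    return re.sub(r"^https?://", "", url, flags=re.I).split("/", 1)[0].split(":")[0].lower()


def analyse(raw: str) -> list:
    """Return a list of finding strings; an empty list means no check fired."""
    msg = message_from_string(raw)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(from_addr)
    findings = []

    # 1. Ghost spoofing: an e-mail address embedded in the display name whose
    #    domain differs from the domain the message was actually sent from.
    claimed = ADDR_IN_NAME.findall(display_name)
    for addr in claimed:
        if domain_of(addr) != from_domain:
            findings.append(f"ghost-spoofing: display name shows {addr} but From is {from_addr}")

    # 2. Outsider posing as a colleague: the display name claims one of our
    #    domains while the real sender domain is not ours.
    if {domain_of(a) for a in claimed} & CORPORATE_DOMAINS and from_domain not in CORPORATE_DOMAINS:
        findings.append(f"external-impersonation: {from_domain} is not a corporate domain")

    # 3. Links to IPFS gateways (path-style /ipfs/<cid> or subdomain-style
    #    <cid>.ipfs.<gateway>), the hosting the post associates with bulk phishing.
    body = "" if msg.is_multipart() else msg.get_payload(decode=True).decode("utf-8", "replace")
    for url in URL.findall(body):
        host = url_host(url)
        if "/ipfs/" in url.lower() or ".ipfs." in host or host.startswith("ipfs."):
            findings.append(f"ipfs-link: {url}")

    return findings


if __name__ == "__main__":
    for label, sample in (("ghost-spoofed", GHOST_SPOOFED), ("legit", LEGIT)):
        print(label, "->", analyse(sample) or "no findings")
```

Run stand-alone, the spoofed sample produces three findings (ghost spoofing, external impersonation, IPFS link) and the legitimate one produces none. In a real gateway the same checks would run on the authenticated From header after SPF/DKIM/DMARC evaluation, and `CORPORATE_DOMAINS` would be the organisation's actual sending domains.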

With the arrival of AI, Slack adds a new chapter to its story

Computerworld.com [Hacking News] - 11 July 2024 - 12:00

It’s been 10 years since Slack launched its popular chat application and ushered in an era of fast-paced and more casual business communications. While the email inbox hasn’t yet been consigned to the past, the effect Slack has had on office work is clear, making it easier (at times, too easy) to share information and interact with colleagues, regardless of where they are. 

For the company’s new CEO, Denise Dresser, the introduction of AI-based tools is an opportunity for the company to continue to shape the way work gets done. “I could not be more optimistic about what the future of AI is going to bring to the future of how we all work,” Dresser said. “We celebrated our 10th anniversary in February and I feel like Slack was made for this moment of generative AI…, for Slack to again lead the next decade of this AI-powered future of work.”

The launch of Slack AI earlier this year is one of the bigger changes to Slack's application in recent years. A revamped user interface rolled out in 2023 sought to retain ease of use even as new functions were added. The changes ranged from canvas documents to lightweight video and voice calls and a task management tool, with automation continuing as a major focus via Workflow Builder.

There have been some major changes in personnel, too. Co-founder and CEO Stewart Butterfield announced his departure in 2022, a year after Slack's $27.7 billion acquisition by Salesforce, and other senior leaders have since moved on. Butterfield's successor, Lidiane Jones, was CEO for just a year before taking over at dating app company Bumble. That makes Dresser, who joined in November 2023, the third boss in a little over a year.

Among her priorities are plans to bring Slack's new native capabilities, such as the recently launched lists tool, to customers in a "broader way," while continuing to build AI into the platform after the general availability launch of Slack AI in February.

Another focus has been to more deeply integrate Slack into the Salesforce ecosystem in terms of both product and customer sales strategy. Dresser’s background at Salesforce — where she has held several senior executive roles since 2011 — should help align the two businesses, said Will McKeon-White, senior analyst at Forrester. Her appointment will help in “creating better joint go-to-market motions, in all the rationalization and operationalization that needs to happen with any of these motions — I’m quite a fan of that,” he said. 

Slack’s headwinds

Dresser takes over at a time of slowing growth for the business. Quarterly revenue growth during FY2024 and into FY2025 has been between 16% and 20% year over year, roughly half the quarterly growth shown in Slack and Salesforce earnings reports between 2020 and 2023.

“Slack has been facing more headwinds recently,” said McKeon-White, pointing to internal challenges such as integration efforts after the Salesforce acquisition, a fast-changing competitive environment (with a wider range of rivals such as Zoom competing more directly), and a shift in customer purchasing post-pandemic.

After businesses scrambled to roll out communication software during the COVID-19 outbreak to facilitate remote work at scale, many later sought to reduce the number of applications they use. The global market for collaboration software continued to see double digit growth, according to IDC data for 2022, when the market was valued at $33.9 billion, though the rate of increase slowed as the pandemic eased. 

Slack appears to have felt the change more acutely, said McKeon-White, due to a formidable competitor: Microsoft’s Teams, which launched in 2016 as a response to Slack’s runaway workplace success. 

For customers invested in the Microsoft 365 suite, it made sense to use what they were already paying for. “Our research shows — and I think the market shows — that a fair amount of companies have gone in that direction and said Teams is ‘good enough,’” said Irwin Lazar, president and principal analyst at Metrigy.

Microsoft has now unbundled Teams from M365 for new subscribers (following an antitrust battle with European regulators), but that’s unlikely to benefit Slack in a significant way, analysts have said.  And yet, many organizations support both apps, said McKeon-White, as businesses seek to deploy multiple communication tools to meet employee needs. 

“So, while there has been that gradual attrition and centralization, there’s now an emerging counter movement to that,” he said.

“There is competition between Slack and Teams, but when they’re used together, when they’re integrated, there’s also a synergy,” said Wayne Kurtzman, IDC’s vice president of social, community and collaboration. “So additional growth may actually come from the synergy of having both in the enterprise.”

In a crowded field, still room to grow

Despite the challenges, Slack remains in a strong position to grow, say analysts. Efforts to add functionality to the platform have paid off, making the application even more useful to customers. “The enhancements to the platform are leaning into their strengths, which is as a center of collaboration and automation in an organization…,” said McKeon-White.  

Dresser argued that the value of Slack is clear and cited the company's own customer survey data; it indicates a 47% productivity increase, a 36% increase in win rate for sales users, 32% faster case resolution time in customer service, and a 37% acceleration in decision making in marketing.

Said Dresser: “I find it’s not hard to make the case [to customers]; it’s focusing on the business outcome of the platform itself. Slack is where work gets done and our results and outcomes really speak to that.”

The clearest opportunity for growth lies in selling Slack to Salesforce customer organizations, said McKeon-White, though this remains a work in progress. “That is a ready-made pipeline for them, effectively, but will require some joint go-to-market efforts and additional contract value…. That might be something like platform discounts and other similar motions,” he said.

Slack hasn’t moved as aggressively to integrate with Salesforce as it might have, though the launch last year of Sales Elevate, which makes Salesforce data more easily accessible in the collaboration app, is a sign of improvement. “I think that’s where there’s a huge opportunity to make Slack the front-end of Salesforce,” said Lazar. “If I’m a salesperson or sales manager, or if I’m using Salesforce marketing campaigns, then I can manage all the different Salesforce features within Slack, and I have the ability to collaborate,” he said.

McKeon-White also sees potential for Slack to further tailor its app to specific job roles and industries. Features like lists and Workflow Builder let Slack be tailored to internal use cases such as procurement or IT, and there are opportunities to cater more intently to specific verticals such as healthcare or retail organizations.

Slack can also increase revenues from existing customers, said Lazar, as it continues to evolve. “Most of their growth is going to happen within their existing customer base by adding new feature functionality and adding higher-level licenses, or converting people over to the Enterprise Grid product,” he said. 

Slack’s AI future

A major focus for the company, as with all vendors in the collaboration and productivity software space, is the addition of generative AI (genAI) tools. 

Slack AI launched earlier this year, with three features:

  • AI powered search. This provides personalized answers to questions based on an organization’s knowledge base. Slack AI helps users locate subject matter experts, or find information on anything from work projects to understanding unfamiliar acronyms.
  • Channel recaps. This highlights key discussion points for a Slack user after a period away from the app, or for those who have recently joined a channel.
  • Thread summaries. This feature recaps faster-moving discussions, provides thread summaries, and offers an overview of long conversations, with links to sources in each summary that enable users to check information where necessary.

Slack AI’s advantage lies in its ease of use, with little or no training required, Dresser said.

Slack AI search allows users to more quickly find information that could be buried in channels and chats. (Image: Slack)

“One of our product principles is ‘don’t make me think’ and that’s a key part of how we’re thinking about AI,” she said. That means ensuring Slack is embedded in “the most logical places that drive immediate productivity, and maybe a little bit of joy and delight in the process.” She points to the AI recap feature. “I love starting my day out with ‘recap,’ so that when there are channels that I don’t necessarily read all day long, I get a quick recap of what happened and I’m on with my day.”

Slack, like all tech companies, is still working to overcome some of genAI’s limitations. Hallucinations are an inherent problem for large language models (LLMs), particularly in a workplace context where accuracy is vital. Dresser said Slack attempts to mitigate the impact of hallucinations with citations that link back to the original source of information. “It allows people to feel that it is less of a black box,” she said. “They can actually see the specific conversation that led to the summarization of that result. It’s little things like that that provide the transparency that helps you build trust.”

Slack CEO: Trust matters

Trust around the use of customer data is a hot topic, too. Slack users recently vented frustrations at terms of service that some interpreted as the company seeking to use customer data to train its AI models. While Slack explained that the terms related to the use of “traditional” machine learning algorithms for relatively benign purposes (channel and emoji recommendations, for instance) rather than using messages to train LLMs as some had feared, the situation underlined the tensions around access to customer data. 

“We did hear from customers that we needed to be more clear, so we immediately updated our language on the website, so customers know exactly where we stand,” Dresser said. “Trust is our top priority. When we built generative AI natively into Slack, it was a huge area of our focus. 

“We do not develop LLMs or other generative AI models using customer data, full stop.”

Slack is not alone in tackling genAI’s various difficulties. “This is like the pre-game show for AI,” said Kurtzman. “It is the very beginning. Things are not where we imagine they should be. Slack is doing well with AI that’s tuned to identify content within a conversation and identify value within the conversation. But everyone’s AI is continually improving.”

Despite widespread interest in the technology, there’s still a long way to go in terms of broad adoption. A recent Slack survey showed that only 32% of respondents have accessed AI in their jobs, with half doing so on a weekly basis. 

Part of that is because of cost, and part is uncertainty about whether generative AI can deliver value given the additional cost to users. Slack AI costs an additional $10 per user each month; that is less expensive than others, but still a significant outlay as AI assistants become widely available.

“For organizations who have used it [Slack AI], they seem to be very happy with it,” said McKeon-White. “But getting the budget together in order to justify another internal AI experiment is fairly difficult today: It turns out AI is expensive, especially if you try to do it for all of your organization.” 

“On the whole, we believe that pricing will eventually be baked into everything as AI becomes ubiquitous,” said Kurtzman. “But for today, the [additional] pricing generally returns value fairly quickly.” 

The initial Slack AI features, such as conversation summarization, are useful but can make the cost hard to justify. “I think initially it’s a tough sell,” said Lazar, at least until Slack AI can integrate a wider range of data sources from third-party apps, which could significantly increase its capabilities.

Still, early Slack AI customers have already noted its utility, said Dresser; an internal analysis of pilot customers indicated it saves users an average 97 minutes a week, for instance. “We’re still in the very early days…, but the results are really positive. Starting in the right places, in a trusted manner, right in the flow of work, will be the way that I think the world begins to adopt…AI,” she said.

Category: Hacking & Security

Scientists gave mice super-hearing. Humans could be next in line

Živě.cz - 11 July 2024 - 11:45
Genetic enhancement of the human organism is outside the law, but that does not mean some scientists are not attempting it • There is no doubt that in the near future people will be interested in enhancements made through targeted interventions in DNA • Super-hearing may join the range of potential enhancements.
Category: IT News

The week on ScienceMag.cz: Neutrinos remain a mystery

AbcLinuxu [articles] - 11 July 2024 - 10:00

The NFT market behaves strangely. A quantum simulator on the Karolina supercomputer. The stop particle was not found at CERN, and supersymmetry again went unconfirmed. What could replace water on exoplanets?

Category: GNU/Linux & BSD

AMD buys Silo AI, gaining customers Rolls-Royce, Unilever, Allianz and Philips

CD-R server - 11 July 2024 - 10:00
AMD has announced the signing of an agreement to acquire Silo AI for $665 million. Formal completion of the transaction is expected by the end of this year…
Category: IT News

TP-Link's outdoor security camera costs just a thousand crowns. It sees in colour even at night

Živě.cz - 11 July 2024 - 09:45
The second most popular IP camera on the market, the TP-Link Tapo C320WS, has never been cheaper than it is now. At Alza it is available for 1,039 CZK with the discount code ALZADNY20. Elsewhere it usually costs around 1,200 CZK, and the price has never before dropped below 1,140 CZK. The Tapo C320WS is an outdoor camera with IP66 resistance to dust and rain. ...
Category: IT News

You had a year to patch this Veeam flaw – and now it's going to hurt some more

The Register - Anti-Virus - 11 July 2024 - 09:28
LockBit variant targets backup software - which you may remember is supposed to help you recover from ransomware

Yet another new ransomware gang, this one dubbed EstateRansomware, is now exploiting a Veeam vulnerability that was patched more than a year ago to deploy file-encrypting malware, a LockBit variant, and extort payments from victims.…

Category: Viruses & Worms

Imaginative and practical accessories, not just for photographers. A review of the Kingston Workflow modular station

Živě.cz - 11 July 2024 - 08:45
Do you need SD card readers and plenty of USB ports on your desk for everyday work? Kingston has a neat solution that you can tailor to your needs.
Category: IT News

Not only your childhood but also your sense of belonging to a community influences how you set your air conditioning or heating

Živě.cz - 11 July 2024 - 07:45
With the arrival of summer heat, battles over the optimal air-conditioning setting begin in many households and offices. While some people are comfortable at 20 °C, others may find it too cold. Scientists have tried to get to the bottom of what lies behind these differences. The details are reported by the magazine ...
Category: IT News