Microsoft revealed that it’s placing the AI-powered Copilot+ feature for PCs on hold due to critical safety concerns.
“We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security,” Microsoft said in an update.
According to a new Bitdefender survey, 64% of cybersecurity professionals are considering a shift to a new job in the sector within the next 12 months.
The 2024 Cybersecurity Assessment Report also discovered that 57% of respondents experienced a data breach in the last 12 months, mainly in the UK, Germany, and Singapore.
Yesterday, June 11th, Adobe announced that they rolled out security patches for 6 critical vulnerabilities affecting Adobe After Effects, Photoshop, and Illustrator.
According to Adobe, the vulnerabilities could have led to successful arbitrary code execution and/or memory leaks in the current user’s context.
Microsoft announced the launch of its new cybersecurity program to support hospitals in rural America from cyber attacks.
Microsoft’s new security suite and cyber training offering will provide nonprofit pricing and discounts to critical access hospitals and rural emergency hospitals.
The U.S. Government launched a manhunt for the LockBit ransomware mastermind, Dmitry Yuryevich Khoroshev, for a bounty worth $10M.
According to the Justice Department, LockBit is suspected to be behind attacks in almost 120 countries that have extorted nearly $1 billion.
According to a report from Mailtrack, Meta, the IRS, Apple, and Amazon are among the top impersonated American brands.
Mailtrack’s report also outlined the top impersonated non-American brands, such as Japanese au by KDDI, JR East, Aeon, and JCB. It was based on an analysis of more than 1.14 million phishing scam reports listed on PhishTank.
In late April, the Brigadier General of Bandladesh’s NTMC announced that two police officers had been caught selling citizen data on Telegram.
Bangladeshi officials said the data allegedly sold included national identity details of citizens, cell phone call records, and other “classified secret information.”
In a public statement, Alex Haurek, TikTok’s spokesperson, announced the hack on CNN’s TikTok account, among other high-profile accounts.
“We have taken measures to stop this attack and prevent it from happening in the future. We’re working directly with affected account owners to restore access if needed,” he added.
Cox Communications fixed an authorization bypass vulnerability that could have enabled threat actors to abuse backend APIs to reset millions of modems and steal customer data.
Discovered by Sam Curry, the exploit gave a similar set of permissions as the ISP tech support.
The law enforcement agencies behind Operation Endgame are seeking information about Odd, who is allegedly behind the ‘Emotet’ malware.
Initially a banking trojan, the ‘Emotet’ malware evolved into a tool that delivers an array of payloads, including TrickBot, IcedID, QakBot, and others.
The ‘ShinyHunters’ threat actor group posted data from a Ticketmaster data breach, potentially belonging to 560M users, asking for $500K in exchange for the data.
Analysts at Vx-Underground analyzed a sample of the Ticketmaster data and determined that the data was authentic, containing entries dating back to 2011.
A US-led law enforcement sting operation against the global ‘911 S5 botnet’ network was a major success.
The 911 S5 botnet network of millions of compromised Windows computers was used to facilitate cyber-attacks, fraud, and child exploitation, among other illicit activities.
According to a Cado Security report, 34% of organizations lack cloud cybersecurity skills.
The report also discloses that 23% of cloud alerts remain uninvestigated due to various challenges and complexities.
Mandiant revealed that Chinese-linked state-backed hackers rely on operational relay box (ORBs) network proxy meshes to avoid detection for cyber espionage campaigns.
For example, Mandiant pointed out that these advanced persistent threat actors (APTs) used ORBs for the ‘SPACEHOP’ critical vulnerability campaign earlier this year.
SlashNext’s report revealed a 341% increase in malicious phishing links, business email compromise (BEC), Quishing, and attachment-based threats in the past six months.
“The State of Phishing 2024” report also states that malicious email and messaging threats have increased by 856% over the past 12 months, amplified by the emergence of generative AI.
On Monday, May 20th, the Environmental Protection Agency (EPA) issued a warning, urging water utility systems in the US to take action to prevent vulnerabilities.
The EPA says 70% of water systems inspected don’t fully comply with the Safe Drinking Water Act requirements, stating that some have “critical cyber vulnerabilities” such as default passwords that may be easily compromised.
The SonicWall Capture Labs team reported on threat actors developing malicious, fake Android apps to impersonate Google, Instagram, Snapchat, WhatsApp, and X.
When downloaded by victims and once permissions have been granted to use them, illegitimate apps aim to steal sensitive data from Android devices, such as contacts, text messages, call logs, and passwords.
In conclusion, in its investigations on hacking claims, Zscaler found that only an isolated test environment was compromised.
The investigation arrived after a hacker named ‘IntelBroker’ confirmed that he breached Zscaler, offering to sell their data for $20K. The incident investigation is now also being conducted with Europol.
Boeing made a significant disclosure: The LockBit ransomware group targeted the company, which demanded a staggering $200M extortion payment.
Boeing did not pay LockBit a ransom despite 43 GB of company data leaked on the ransomware group’s website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.
Splunk reported that 91% of organizations reported the use of Generative AI for specific cybersecurity usage.
The report “State of Security 2024: The Race to Harness AI” also disclosed that 93% of security leaders said public Gen AI was in use across their respective organizations, among other insightful statistics on Gen AI’s impact on cybersecurity.
LogRhythm announced that 95% of companies reported that they’ve altered their cybersecurity strategies within the last twelve months.
The “2024 State of the Security Team: Navigating Constant Change” report also disclosed that 98% of respondents state that keeping pace with the shifting regulatory landscape is the leading factor in driving changes in security strategy.
As a testament to the UK’s £2.6 billion National Cyber Strategy, the UK Government has proactively launched regulations to safeguard UK consumers and businesses from cyber-attacks.
The updated regulations now mandate that manufacturers of consumer electronics adhere to minimum security standards. Additionally, consumers are prohibited from using easily guessable default passwords, a measure aimed at bolstering their personal cyber security.
Kaspersky reported on their discovery of the cyber campaign labeled “DuneQuixote,” which targets Middle Eastern government agencies through a sophisticated backdoor to spread malware.
The backdoor, “CR4T,” is a C/C++-based memory-only implant that enables threat actors to access consoles for command-line execution. This can lead to uploading and downloading illicit files onto affected systems.
Cisco Talos revealed its findings, showing that select Ukranian government agencies have been infected with the ‘OfflRouter’ malware since 2015.
Cisco Talos researcher, Vanja Svajcer said. “The virus is still active in Ukraine and is causing potentially confidential documents to be uploaded to publicly accessible document repositories.”
According to a survey from Coro, 73% of SME cybersecurity professionals admittedly say that they’ve missed, ignored, or failed to act accordingly on a high-priority security alert.
The survey also found respondents to spend an average of 4 hours and 43 minutes managing their cyber security tools daily, with an average of 11.55 tools in their security stack.
The U.S. Department of Justice (DoJ) announced the arrest of two individuals in Australia for their ties to the “Hive RAT” remote access trojan (RAT).
The two arrested individuals are suspected of being behind the distribution of the RAT, as found on the ‘Hack Forums’ cybercrime forum.
The National Security Agency (NSA) released a Cybersecurity Information Sheet (CSI) focused on the secure deployment of AI systems.
The CSI, entitled “Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems,” covers the guidelines set to avoid the exploitation of malicious activity targeting software of still-developing AI technology.
Stemming from a breach earlier this year only affecting 15k Roku accounts, a second breach sees heavier implications, affecting over half a million of the company’s subscribers.
Roku claims that the hackers did not gain access to any financially sensitive customer information and assures that refunds would be made for unauthorized account purchases. For further security measures, Roku also enables a two-factor authentication for all accounts.
The US Department of Health and Human Services (HHS) reported that they fell victim to a social engineering scam over the phone, imitating HHS’ financial department, convincing them to hand over ID verification details.
The threat actors, aside from imitating HHS’ financial department, pulled the attack off by using local area codes and AI voice-changing technology to disguise themselves. The surrendered information could lead to threat actors bypassing multifactor authentication (MFA) security.
Cyberint released a report that discloses the 22% drop in ransomware cases from Q4 2023 to Q1 2024, or from 1,309 down to 1,048 cases.
The ‘Q1 Ransomware Report’ credits the decrease in ransomware attacks to a major uptick in law enforcement crackdowns on cyber criminal gangs, with notable major actions against LockBit and ALPHV.
Arriving just a month after a paid ransom was demanded following the massive data breach in February 2024, Change Healthcare reported on another potential cyberattack: extortion from the “ransomhub” group.
Initiated by the new “ransomhub” group, with suspected connections to BlackCat, the double-extortion claim has yet to be confirmed by cybersecurity experts.
Highlighting the severity of the University of Winnipeg data breach, Cybersecurity consultant Kathy Knight asserts that the education sector is one of the most vulnerable to cyber attacks, potentially leading to significant data loss and privacy breaches.
“The thing about universities is they’re very big, complex institutions … and they collect a lot of information and data that is very attractive to cyber criminals. So that puts them really, at the top of the list, in terms of attack targets,” she said.
Visa released an alert on the ‘JsOutProx’ remote access trojan (RAT) malware phishing campaign which targets financial institutions and customers.
The JSOutProx malware linked to the ‘Solar Spider’ threat actor delivers a RAT that could steal sensitive data, establish a C2 connection, and extract Outlook information, among others.
According to a report released by the Cloud Security Alliance and Google Cloud, 55% of all organizations plan to use AI to boost security by 2025.
The “State of AI and Security Survey Report,” also found that 67% of organizations already tested and are pleased with AI-backed security capabilities.
Corsica Technologies released a study that revealed mid-market companies invest 285% more in cybersecurity-managed services and sales growth.
The study also revealed that 74% identified legacy software, and 52% found data integration to be a couple of the main challenges faced by midmarket companies.
Google agreed to remove billions of personal records amid the previously announced lawsuit, accusing the tech giant of illegal surveillance.
The personal records belong to approximately 136 million Google Chrome users. To add to the settlement, Google will add more disclosures of the terms for their ‘incognito mode’ feature.
AT&T sent out a mass announcement to its customers, informing them that a dataset containing sensitive data from 7.6M current users and 65.4M former users is for sale on the dark web.
To mitigate the breach, AT&T reset the passcodes of all its current users and will constantly communicate with customers to further protect accounts.
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland’s parliament in 2020.
The country’s law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
The ‘INC Ransom’ ransomware group publicly threatened to release three terabytes of NHS Scotland sensitive patient and staff data, after publishing a smaller sample size proving the viability of the threat.
NHS Dumfries and Galloway’s efforts to prevent the attack from being repeated are underway in collaboration with Police Scotland and the National Cyber Security Centre (NCSC).
admin