The Cybernews research team discovered a record-breaking breach of over 16 billion passwords worldwide, including Facebook, Google, and Apple credentials. Cybernews states that this is new data and not merely recycled from older breaches, and the data most likely comes from a wide variety of infostealers.
‘Smishing’ – cybercrime involving sending deceptive SMS text messages – has just been taken to a new and dangerous level by China’s crime syndicates. Cybersecurity company, Resecurity, has discovered a devastating new smishing kit known as “Panda Shop,” which comes complete with interactive manuals on how to use it.
Deepfake videos of TV news presenters are being used to dupe gullible viewers into logging onto illegal gambling sites where malware is then downloaded onto their devices. News anchors on Sky and other channels appear to be quoting Apple CEO Tim Cook recommending an app where users can easily get rich by winning vast sums of money. The news reports have been identified as deepfake videos. It has been further revealed that thousands of similar videos of deepfakes of journalists have been circulated in the US and the UK.
Apple computer users are suffering a growing number of ‘infostealer’ attacks across multiple regions and industries. These are a form of malicious software created to breach computer systems in order to steal sensitive information.
The Palo Alto Networks Unit42 research group has detected a 101 percent increase in macOS infostealers in the last two quarters of 2024. The researchers identified three particularly prevalent macOS infostealers: Poseidon, Atomic, and Cthulhu.
The developers of Atomic Stealer sell it as malware as a service (MaaS) in hacker forums and on Telegram. The Atomic Stealer operators usually distribute their malware via malvertising – the use of online advertising to spread malware. This typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. It is capable of stealing notes and documents, browser data such as passwords, and cookies, cryptocurrency wallets, and instant messaging data. Atomic Stealer, also known as AMOS was first discovered in April 2023.
CERT-UA warns of attackers impersonating the agency via fake AnyDesk requests for “security audits.” Remote access should only occur with prior approval through official channels to mitigate these risks.
Amid ongoing cyberattacks linked to the Russo-Ukrainian war, over 1,042 incidents were detected in 2024, including espionage and malware campaigns by groups like Gamaredon and Sticky Werewolf. Pro-Russian and pro-Ukrainian actors continue targeting each other with phishing and credential theft efforts.
Bereft of fresh ideas or new products, Apple’s main offering at its long-awaited annual Worldwide Developer’s Conference in Cupertino, California, is a cobbled-together artificial intelligence (AI) offering.
While AI may be Silicon Valley’s latest buzzword and marketing tool, “Apple Intelligence,” as Apple AI is branded, is already attracting heavy criticism – even from other tech giants. By pairing Microsoft-backed OpenAI’s ChatGPT with Apple’s voice-activated assistant, Siri, Apple hopes to make AI mainstream. But its critics say that all Apple has done is create a cybersecurity nightmare for corporations while sounding a death knell for the personal privacy of Apple users.
“It’s patently absurd that Apple isn’t smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!… Apple has no clue what’s actually going on once they hand your data over to OpenAI. They’re selling you down the river,” says Elon Musk, Tesla and SpaceX founder and the owner of X Corp, formerly Twitter.
According to a report from Mailtrack, Meta, the IRS, Apple, and Amazon are among the top impersonated American brands.
Mailtrack’s report also outlined the top impersonated non-American brands, such as Japanese au by KDDI, JR East, Aeon, and JCB. It was based on an analysis of more than 1.14 million phishing scam reports listed on PhishTank.
In conclusion, in its investigations on hacking claims, Zscaler found that only an isolated test environment was compromised.
The investigation arrived after a hacker named ‘IntelBroker’ confirmed that he breached Zscaler, offering to sell their data for $20K. The incident investigation is now also being conducted with Europol.
Boeing made a significant disclosure: The LockBit ransomware group targeted the company, which demanded a staggering $200M extortion payment.
Boeing did not pay LockBit a ransom despite 43 GB of company data leaked on the ransomware group’s website in November 2023. Boeing is now in contact with the FBI to mitigate the breach.
Apple has joined Google and Microsoft in launching its own generative artificial intelligence (AI) offering, OpenELM. Apple claims that OpenELM, “a state-of-the-art open language model,” will offer users more accurate and less misleading results than its widely criticized competitors.
“OpenELM uses a layer-wise scaling strategy to efficiently allocate parameters within each layer of the transformer model, leading to enhanced accuracy,” says Apple.
Apple claims that OpenELM exhibits a 2.36 percent improvement in accuracy compared to its initial predecessor OLMo, while requiring half as many pre-training tokens. So far, Apple has delayed offering modern AI capabilities on its devices, but it is expected that the next version of its operating systems will need to include some unique AI features. The launch of iOS 18 is scheduled for June 10.
AT&T sent out a mass announcement to its customers, informing them that a dataset containing sensitive data from 7.6M current users and 65.4M former users is for sale on the dark web.
To mitigate the breach, AT&T reset the passcodes of all its current users and will constantly communicate with customers to further protect accounts.
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland’s parliament in 2020.
The country’s law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
These are troubled times for Silicon Valley tech giant, Apple. Hard on the heels of the US Justice Department suing Apple for monopolizing the smartphone market comes news of a major security flaw in Apple M-series chips (M1, M2, and M3).
The US Justice Department appears determined to call time on Apple’s long-standing domination of the smartphone market. It holds that “Apple’s broad-based, exclusionary conduct” makes it harder for Americans to switch smartphones. Apple also stands accused of undermining innovation for apps, products, and services, and imposing extraordinary costs on developers, businesses, as well as on consumers.
The United Nations has drafted a resolution aimed at bringing the rest of the world in line with existing US artificial intelligence (AI) security guidelines. These follow those already developed by the US Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).
Both emphasize the importance of “secure-by-design” and “secure-by-default” principles for AI systems. The UN Assembly called on all Member States and stakeholders “to refrain from or cease the use of artificial intelligence systems that are impossible to operate in compliance with international human rights law.” The Assembly added that the same rights that people have offline must also be protected online throughout the life cycle of artificial intelligence systems.
Silicon Valley has a new problem – a generation that is turning off its digital lifestyle and ditching its smartphones. Gen Z, young people born between 1997 and 2012, have given Silicon Valley’s meticulously planned digital future for humanity a firm thumbs down.
Fifty percent of Gen Z’ers are interested in taking a break from their smartphones, while only 20 percent of Boomers, people born from 1946 to 1964, want a break, according to a survey from web-hosting company Squarespace. Last year, smartphone sales shipments dipped by around 70 million units, hitting the lowest shipment level in a decade, driven by falling sales in North America and China. At the same time, the new generation is buying old-school flip phones, nicknamed ‘dumbphones’, in preference to the latest Apple smartphones.
According to market researcher Counterpoint Research: “Feature phones in the US market have made a resurgence as Gen Z and millennials are advocating for digital detoxes due to the mental health concerns brought on by smartphones and social media…Given the relatively cheap price point of feature phones ($20-$50 with a prepaid carrier and $50-$100 unlocked), more people are trying out these devices and sharing their experiences on social media.”.
On an analysis published by Trellix security researcher Gurumoorthi Ramanathan, the “NS-STEALER” malware distributed via a hidden ZIP file could lead to captured data automatically displayed on the Discord bot channel “EventListener”.
The hidden malware “NS-STEALER” when deployed onto a user’s system, can automatically collect screenshots, cookies, credentials, autofill data, and system information from web browsers.
The Securities and Exchange Commission (SEC) confirmed through a spokesperson and social media announcements that the agency’s X (formerly Twitter) account was compromised to promote Bitcoin ETFs.
Bitcoin’s value spiked to nearly $48k as a result of the false Tweet, despite being taken down just 30 minutes after being published.
A joint advisory by the Federal Bureau of Investigation (FBI), the Environmental Protection Agency, and the Cybersecurity Infrastructure and Security Agency (CISA) announced the Iranian-based threat actor group “Cyber Av3ngers” compromised over 200 internet-connected devices in the US.
Suspected to be anti-Israeli by motive, the “Cyber Av3ngers” group was behind the Pennsylvania Water Authority hacks, disrupting an industrial control device that was made in Israel.
Editorial Team
