A New Kind of AI Copy Can Fully Replicate Famous People. The Law Is Powerless.
AI-generated replicas of real experts pose a policy gray
area as regulators struggle to address the issue. The use of this technology
raises privacy concerns and potential risks, especially in China where
government surveillance is pervasive. Policymakers in the US are under pressure
to establish regulations as AI replicas enter mainstream markets. The case of
psychologist Martin Seligman highlights both the benefits and risks of this
technology. (POLITICO.COM)

Cybersecurity Guru Mikko Hyppönen's 5 Most Fearsome AI Threats for 2024
Mikko
Hyppönen, a renowned cybersecurity expert, has identified the top five AI
threats for 2024. These include deepfakes, deep scams, LLM-enabled malware,
discovery of zero-days, and automated malware. Hyppönen warns that these threats
could have significant implications for privacy, security, and society as a
whole. Additionally, he expresses concerns about the path to achieving
artificial general intelligence (AGI) and emphasizes the need for strong
alignment with human values. (THENEXTWEB.COM)

Startups Scramble to Build Immediate AI Security
Several startups are working
on machine learning security operations (MLSecOps) to mitigate AI threats and
enhance data privacy. With the inherent insecurity of AI, these startups focus
on securing foundational models, addressing vulnerabilities, and exploring the
potential of fully homomorphic encryption. While challenges remain, these
innovative approaches offer hope for enhancing AI security. (DARKREADING.COM)

Hackers Could Get Help From The New AI Chatbot
A new AI-enabled chatbot
called ChatGPT that has impressed the tech community could also be manipulated
by cybercriminals to help perfect their attack strategies. Security researchers
have gotten ChatGPT to write phishing emails and malicious code, speeding up
hackers' process. While OpenAI has some content warnings, researchers easily
avoid penalties. Users still need basic hacking knowledge to tweak ChatGPT's
imperfect responses. But the tool could exacerbate struggles organizations
already face fending off basic attacks using leaked passwords. Network defenders
need to redouble efforts to detect phishing attempts to stop these schemes. (AXIOS.COM)

Business

Cybersecurity in the Year Ahead: Think 2023 on Steroids
Companies can expect
escalating cyberattacks and tighter security regulations in 2024. Ransomware and
supply chain vulnerabilities remain significant threats. Collaboration between
executives is crucial, as cyber adversaries continue their attacks.
Cybersecurity budgets are expected to increase, but sectors like retail and
healthcare allocate smaller portions to cybersecurity. Recovery costs are
highest in healthcare, finance, and pharmaceutical industries. Cyber insurance
costs are stabilizing. Notable nation-state attackers include China, Iran, North
Korea, and Russia. (WSJ.COM)

Israeli Startup Funding Plummets 60%, Yet M&A Landscape Thrives With Cybersecurity Focus
Despite a 60% drop in VC fundraising, the Israeli tech market
remains resilient with a strong focus on cybersecurity consolidation. The
'Trends and Forecasts' conference highlighted the flourishing cybersecurity
sector, which commands a 70% share of M&A activities. While startup and VC
fundraising have been significantly impacted, there is cautious optimism for the
upcoming year. (JPOST.COM)

CIOs Sharpen Cloud Cost Strategies - Just as Gen AI Spikes Loom
Cloud
costs remain a top concern for CIOs as they strive to balance expenditures for
core workloads and innovation. While tools and platforms are helping to lower
costs, emerging technologies like generative AI pose new challenges. (CIO.COM)

Cybersecurity in the Digital Age: Protecting Our Virtual Borders
Discover
essential strategies for cybersecurity in the digital age. This guide provides
insights into the latest threats, prevention techniques, and recovery methods,
empowering readers with the knowledge to protect their digital assets in an
increasingly connected world. Topics covered include the evolution of cyber
threats, vulnerabilities in modern technology, key cybersecurity strategies, the
role of AI and machine learning, building a culture of cybersecurity, protecting
personal data, recovering from cyber attacks, and staying ahead of threats. (JPOST.COM)

I Securely Resolve: CISOs, IT Security Leaders Share 2024 Resolutions
Cybersecurity leaders share their New Year's resolutions
for 2024, which include assessing business continuity and incident response
plans, building a strong security culture, preparing for AI-driven attacks, and
ensuring minimal disruption in the event of a security breach. The focus is on
proactive measures, risk management, user-friendly security protocols, and
anticipating emerging threats. (DARKREADING.COM)

CrowdStrike Has Multiple Cybersecurity Growth Drivers In Place For 2024
CrowdStrike, a leading cybersecurity company, is primed to gain
market share and drive expansion in the coming year. With a strong platform
powered by AI, the company aims to achieve a 28.9% revenue growth in fiscal
2025. CrowdStrike is excelling in its endpoint security market, while also
experiencing significant growth in its cloud security, identity protection, and
next-gen SIEM businesses. The company's partner network is expected to
contribute to its future success. (FORBES.COM)

Criminal Justice

Hacker Who Attacked Colombian Government Websites Sentenced to More Than 3 Years in Prison
Andres Felipe Cardoso Alvarez, alias
Orgon of Anonymous Colombia, has been sentenced to over 3 years in prison for
computer crimes. He illegally accessed multiple websites, including the
Colombian president's office, and must pay a $28,000 fine. Anonymous Colombia
operates without a defined hierarchy. (FINANCECOLOMBIA.COM)

Law Enforcement Operations Targeting Cybercrime in 2023
Law enforcement
agencies conducted multiple operations targeting cybercrime in 2023, including
infiltrating ransomware gangs, dismantling encrypted communications platforms,
seizing malware infrastructure, and disrupting dark web marketplaces. These
operations resulted in the arrest of thousands of suspects, the seizure of
millions of dollars in illicit funds, and the recovery of stolen cryptocurrency.
The efforts also aimed to dismantle botnets, disrupt ransomware operations, and
combat various cybercrimes such as phishing, fraud, and identity theft. (BLEEPINGCOMPUTER.COM)

Critical Infrastructure

States and Congress Grapple with Cybersecurity in the Wake of Iran's Attacks on Pittsburgh-Area Water Authority
Pennsylvania senators and Congressman Chris Deluzio call
for a full investigation into the cyberattack on the Municipal Water Authority
of Aliquippa, highlighting the need for improved cybersecurity in water
utilities. Some states have passed legislation to address this issue, while the
U.S. Environmental Protection Agency proposed a rule to audit water systems'
cybersecurity. However, without congressional action, progress remains minimal.
Dragos offers free support and software to detect vulnerabilities and threats
for smaller utilities. (SHAHANEWS.COM)

Tiny Water Authority in Pennsylvania Hit by Iranian Cyberattack
Pennsylvania water authority, Aliquippa, falls victim to
an Iranian cyberattack, highlighting the vulnerability of water utilities. Calls
for increased cybersecurity measures face challenges due to lack of funding and
expertise. Proposed legislation and funding initiatives aim to address the
issue. (FORTUNE.COM)

Crypto & Blockchain

Orbit Chain's Bridge Hacked for $81.5 Million in a Major Security Breach
Orbit Bridge, a cross-chain bridge protocol,
experienced a significant hack resulting in the outflow of $81.5 million across
various cryptocurrencies. The breach involved five transactions directed to
distinct wallets, including stablecoins, wrapped Bitcoin, and Ethereum. The
attacker likely compromised multi-signature signers and initiated the attack
with funds from TornadoCash. Investigations are underway, and Orbit Bridge has
initiated a compensation distribution process for affected users. The incident
raises concerns about the security of cross-chain protocols and their
interconnected ecosystems. (CRYPTO-NEWS-FLASH.COM)

Orbit Chain Loses $81M in Cross-Chain Bridge Hack
Orbit Chain, a
blockchain platform, has suffered an $81 million hack through its cross-chain
bridge. The hacker used the privacy protocol Tornado Cash to fund a wallet
before attacking Orbit Chain's ETH vault. The stolen funds, currently totaling
around $82 million, remain untouched. The incident caused a drop in the
platform's total value locked and a decline in the value of its native token.
This hack is reminiscent of previous attacks carried out by the Lazarus Group, a
North Korean hacking group. (COINDESK.COM)

Cyber Hygiene

16 Ways to Secure Your Apple ID on Your iPhone
Apple IDs serve as the gateway to Apple services and devices,
so it's vital to protect them. Steps you can take include using strong
passwords, keeping information updated, avoiding sharing passwords or
verification codes, enabling two-factor authentication, setting a recovery key,
adding security keys, using Family Sharing instead of account sharing,
designating recovery contacts, and carefully selling old devices. You should
also watch for phishing attempts, report suspicious activity to Apple, and
leverage reputable password managers. Taking multiple precautions makes it much
harder for scammers to gain access. (TECHPP.COM)

Cyberattacks

Sensitive Court Recordings Hacked: Victoria’s Judicial System Under Cyber Threat
Australia's Court Services Victoria (CSV) warns of a
ransomware attack by Qilin that exposed video recordings of court hearings. The
breach, discovered on December 21, 2023, compromised audio-visual archives from
November 1 to December 21. CSV is restructuring the system, while court
operations remain unaffected. The Qilin ransomware gang is suspected. (WORDPRESS.COM)

Cyber-Hackers Target UK Nuclear Waste Company RWM
Hackers attempted to breach
Radioactive Waste Management (RWM), the company behind the £50bn Geological
Disposal Facility project in the UK, using LinkedIn. RWM reported instances of
potential exploitation but stated that the cyber incidents had no material
effect. Social media sites are commonly used for social engineering and
gathering sensitive information. (THEGUARDIAN.COM)

Cross-chain Orbit Bridge Reportedly Suffers $82M Exploit
Hackers appear to have
exploited vulnerabilities in Orbit Chain's Orbit Bridge, a cross-chain bridging
service, stealing $81.7 million worth of cryptocurrency. The stolen funds
include $30 million in USDT, $10 million in USDC, $21.7 million in ETH, $9.8
million in WBTC, and $10 million in DAI. The method of exploit is still unknown.
Orbit Chain links the Klaytn blockchain network and focuses on asset transfers
between Klaytn and EVM-compatible networks. The breach shows the risks
associated with bridges and wrapped assets. (COINTELEGRAPH.COM)

Hackers Access Victorian Court Recordings Database
Court Services Victoria
reports its audio-visual network was compromised on November 1st, allowing
hackers to access several weeks of court hearing recordings. The breach impacts
the supreme, county, magistrates, coroner's, and children's courts. Witnesses
and participants are being notified. CSV has isolated the network, but the
incident raises concerns over strengthening court technology protections. (THEGUARDIAN.COM)

Hackers Hit Australian State's Court Recording Database
Hackers targeted the
court recordings database in Australia's Victoria state, causing disruptions to
the audio-visual technology network used in court. The breach may have resulted
in the theft of recordings from court hearings between November 1 and December
21, 2023. The affected network has been isolated and disabled, and court
officials are working with cyber security experts. This incident follows a
series of cyber attacks on critical infrastructure and businesses in Australia. (REUTERS.COM)

FCC Proposes $200M Cyber Program for Schools, Libraries
The Federal
Communications Commission is considering a pilot program to provide
cybersecurity services for K-12 schools and libraries, aiming to protect them
from cyberattacks. The program would allocate up to $200 million and gather
information on its effectiveness. (STATESCOOP.COM)

CyberWarfare

Israel Battles Spike in Wartime Hacktivist, OT Cyberattacks
During the 2023
war in Gaza, Israel experienced a surge in cyberattacks, with hacktivists on
both sides launching attacks. The mobilization of reservists from the
cybersecurity industry impacted businesses. Israel's operational technology and
critical infrastructure were targeted, highlighting the need for improved OT
security. Collaboration with the UAE and acquisitions bolstered Israel's
cybersecurity industry. (DARKREADING.COM)

Mysterious Hacker Strikes Iran with Major Cyberattacks
A hacker named "irleaks"
targets Iranian insurance companies, selling over 160 million records. They also
claim to have hacked SnappFood, stealing 3 terabytes of data, including user
information and credit card details. The attacks raise suspicions of
state-sponsored involvement. Hudson Rock researchers are investigating the
breaches. (INFOSTEALERS.COM)

Cyber Toufan Goes Oprah Mode, With Free Linux System Wipes of Over 100 Organisations
Since October 2022, hacktivist group Cyber Toufan has
breached over 100 Israeli organizations, wiping systems and dumping data.
Targets include private companies, government entities, and security firms. Over
a third of victims remain offline weeks later, unable to recover. (DOUBLEPULSAR.COM)

Air Travel Is Not Ready for Electronic Warfare
Militaries spoofing GPS
signals could inadvertently endanger civilian planes. Airliners in the Middle
East already face system failures. Legacy avionics vulnerabilities raise
concerns hackers could tamper with navigation undetected. Addressing complex
aviation cybersecurity issues is difficult but urgent as electronic warfare
proliferates. (NYMAG.COM)

Massive Missile Strike Disrupts Kyiv's Internet and Power Supply
Russian
missiles hit Kyiv, causing significant disruption to internet and power. The
attack damaged buildings and infrastructure, leaving thousands without
electricity. This is not the first time Russia has targeted Ukraine's critical
infrastructure, highlighting the challenges the country faces in defending
against such attacks. (THERECORD.MEDIA)

Elections

'Perilous and Chaotic': Why Officials Are Nervy Before a Likely UK Election in 2024
The next UK general election has the potential to be one of the
most perilous and chaotic in the country's history. Factors contributing to this
include the requirement for voters to show photo ID, concerns about a shortage
of electoral officials, and worries about cyber threats and disinformation. (THEGUARDIAN.COM)

Arizona Creates Own Deep-Fake Election Hoaxes to Prepare for 2024
Arizona is
conducting tests using AI to prepare for potential scams and conspiracy theories
in the upcoming presidential election. The state's exercise highlights concerns
about the rise of generative artificial intelligence, which criminals and
adversaries can use for scams. The use of AI in deep fakes makes it harder to
verify information, posing risks for election officials. There is a push in
Congress to establish safeguards for AI technology before the 2024 election. (POLITICO.COM)

Entertainment

GTA 6 Leaks Hacked Using Hotel TV and Amazon Fire Stick
A British
teenager, Arion Kurtaj, hacked into Rockstar Games' systems using a hotel TV and
an Amazon Fire Stick, obtaining 90 unreleased clips of Grand Theft Auto 6.
Kurtaj, a member of the online gang Lapsus$, was sentenced to indefinite
detention for his involvement in the hacking and subsequent blackmail. He had a
history of cybercrimes, including attacks on BT, EE, and Nvidia. The case
highlights the dangers of online crime and the need for increased cybersecurity
measures. In response to the breach, Rockstar Games released the GTA 6 trailer
ahead of schedule, which quickly gained over 100 million views on YouTube. (READWRITE.COM)

Financial

First American Financial: Data Stolen and Encrypted in Cyberattack
First
American Financial confirms that threat actors accessed and stole non-production
data in a recent cyberattack, encrypting it in the process. The incident is
contained, but the company is still assessing the potential impact on its
financial condition. This raises concerns about risk mitigation and security in
the title insurance industry, following a $1 million settlement over a 2019 data
breach. Fidelity National Financial, the largest title insurance firm, was also
recently hit by a suspected ransomware attack. (CYBERSECURITYDIVE.COM)

Geopolitical

Beijing Is on a Wartime Footing
China's defense industrial growth,
particularly in its navy, poses a significant threat to U.S. national security.
The U.S. defense industrial base is ill-prepared to meet the military's needs,
leading to a shortfall in munitions and supply chain challenges. Rebuilding the
defense industry and establishing a national-level body for strategic guidance
is crucial. Increased funding, incentives, and long-term contracts are needed to
modernize and expand production capacity. (WSJ.COM)

Iran Sends Warship to Red Sea After US Sinks Houthi Boats
Iran has
dispatched a warship to the Red Sea following the US Navy's destruction of three
Houthi boats, further escalating tensions in the region. This move poses a
challenge to the US-led maritime task force established to counter Houthi
attacks on ships. Iran's show of force aligns with its agenda of projecting
power and driving the US out of the region. (BLOOMBERG.COM)

Government

Hackers Breach Australian Court Hearing Database
The court system in
Victoria, Australia, experienced a ransomware attack, potentially exposing
sensitive recordings of court hearings. The attack disrupted the audio-visual
technology network, impacting video recordings, audio recordings, and
transcription services. The hackers may have accessed recordings between
November 1 and December 21, but no other court records were compromised. The
attack was likely carried out by the Qilin ransomware group, known for targeting
critical sector companies. This incident adds to a series of major cyberattacks
in Australia in recent months. (THERECORD.MEDIA)

The State of State Technology Policy: 2023 Report
States shape US
technology policy in 2023, passing laws on online child safety, AI, privacy, and
antitrust. Predictions for 2024 include more AI laws, comprehensive privacy
legislation, pending content moderation laws, limited antitrust changes,
continued child safety focus, and ongoing litigation impact. (UNC.EDU)

Kansas Court Systems Slowly Reaching Finish Line for Complete Restoration after Cyberattack
Kansas courts are nearing the end of their recovery
process following a cyberattack in October. The Kansas District Court Public
Access Portal, which allows online case searches, is now fully operational,
although there may be some delays in updating information filed on paper. Other
restored features include online payment of fines and fees. The restoration
marks a significant milestone in the state's recovery plan. (KSN.COM)

Meet Joe Biden's Favorite Hacker
Jeff Moss serves as a bridge between the
government and the hacker community, a link that has never been more important.
Moss has become one of the government's most trusted cybersecurity advisers,
with the ear of President Biden's top cyber aides. He tries to help the
government harness hackers' talents to better defend against attacks, overcoming
decades of distrust. As threats have grown, both sides realized they should talk
more. Moss sees hackers' policy engagement as an unalloyed good, though he warns
they should tread carefully. (THEMESSENGER.COM)

International

Cyber Attack on Victoria's Court System May Have Exposed Recordings of Sensitive Cases
Victoria's court system in Australia has suffered a ransomware
attack, possibly orchestrated by Russian hackers. Recordings of sensitive court
cases, including witness testimony, may have been accessed or stolen. Court
Services Victoria is working to notify affected individuals. The attack
primarily targeted the County Court and the Supreme Court. (NET.AU)

Swedish Supermarket Chain Coop Responds to Cyberattack
Coop, one of Sweden's
largest supermarket chains, is dealing with a cyberattack affecting stores in
Värmland County. The ransomware gang Cactus claimed responsibility for the
attack, and Coop Värmland was the specific target. This is not Coop's first
encounter with ransomware, as it was also affected by the Kaseya attack in 2021.
The Cactus gang is known for exploiting vulnerabilities in VPN appliances and
has been targeting industrial organizations. The extent of the stolen data and
ransom amount is currently unknown. (THERECORD.MEDIA)

Cyber Hackers Break into Victorian Court Recordings
Hackers have breached
Victoria's court system, gaining access to weeks of recorded hearings. The cyber
attack on the audiovisual technology network was discovered on December 21, but
it is believed to have occurred on November 1. Video and audio recordings from
Supreme, County, Magistrates, and Coroners courts were compromised, along with a
recording from the Children's Court. However, no data other than the recordings
was accessed. The affected network has been isolated, and efforts are underway
to strengthen security across the court and tribunal-wide technology system. (COM.AU)

Expert Opinion: Bringing Down Putin’s House of Cards
In this expert opinion
piece, Suzanne Kelly highlights the disruptive and aggressive actions of Russian
President Vladimir Putin and his regime. From military aggression and threats to
the use of cyber capabilities for economic disruption and election interference,
Putin's regime is seen as a major source of disharmony in the world. The author
also mentions Putin's support for corrupt regimes, supply of weapons used in
civilian aircraft shootings, and allegations of war crimes. The Cipher Brief is
recognized as a popular outlet for former intelligence officers. (THECIPHERBRIEF.COM)

Finnish Intelligence Reorganizes to Boost Information Gathering
The Finnish
Security Intelligence Service (Supo) has undergone a reorganization to
strengthen its information gathering capabilities. This comes after Supo warned
that Finland was being treated as a "hostile country" by Russia and amidst an
ongoing investigation into a suspected act of maritime sabotage. The
reorganization involves reducing the number of departments and appointing new
heads for each department. The previous chief of Supo has departed, and the
agency's deputy director is currently serving as the acting director. Supo is
responsible for both foreign and domestic intelligence. (THERECORD.MEDIA)

Privacy

Theft of Vancouver Rape Crisis Centre Server Containing Sensitive Data Raises Privacy Concerns
A server containing sensitive personal information and
banking details was stolen from the Salal Sexual Violence Support Centre.
Cybersecurity experts warn of significant risks and emphasize the need for
stronger data security measures. Victims are advised to change passwords,
monitor accounts, and file complaints with the privacy commissioner. (CBC.CA)

Ransomware

How Ransomware Could Cripple Countries, Not Just Companies
Experts
predict 2023 will be the worst year ever for ransomware attacks. These attacks
are sapping prosperity and pose a national security threat as they spread to
critical infrastructure globally. The ransomware business is shifting to smaller
groups that buy services rather than develop their own tools, making attacks
cheaper and faster. Though Western countries are striking back, the overall
impact has been limited even as AI makes attacks more sophisticated. (ECONOMIST.COM)

Man Says Fraudulent Accounts Opened, Home Purchased in His Name After City Ransomware Hack
A victim of the Oakland ransomware attack reveals
that multiple accounts were opened in his name, including the fraudulent
purchase of a house. The city failed to notify victims of the leaked personal
information, causing financial and identity theft issues. Concerns about the
city's cyber insurance and overall management arise. (ABC7.COM)

After Ransomware Claims, Xerox Says Subsidiary Hit with Cyberattack
Xerox
confirms that its subsidiary, XBS, suffered a cyberattack, possibly involving
personal data theft. The ransomware gang INC claimed responsibility. Xerox is
investigating the incident and working to secure the affected IT environment.
Limited personal information may have been compromised. (THERECORD.MEDIA)

Xerox Says Subsidiary XBS U.S. Breached After Ransomware Gang Leaks Data
Xerox Business Solutions (XBS) in the U.S. has been compromised
by hackers, with a limited amount of personal information potentially exposed.
The INC Ransom ransomware gang claims to have stolen sensitive data and
confidential documents. Xerox is working with cybersecurity experts to
investigate the incident and secure its IT environment. Limited personal
information, including email communications, payment details, and invoices, was
exposed. The extent of the breach and the number of affected individuals are
currently unknown. Xerox had previously suffered a ransomware attack in 2020. (BLEEPINGCOMPUTER.COM)

Regulatory

DOJ, FBI, and SEC Provide Guidance for Delay Requests Relating to Disclosure of Cybersecurity Incidents Under Form 8-K
The DOJ, FBI, and SEC have
issued guidelines for companies seeking delays in disclosing cybersecurity
incidents under Form 8-K. Companies must assess if public disclosure poses risks
to national security or public safety and contact the FBI for evaluation. The
SEC has also provided interpretations on disclosure delays. (NATLAWREVIEW.COM)

Supply Chain

Nvidia’s China Customers to Get Hobbled Version of Gaming Chip
Nvidia is selling a less-capable version of its GTX 4090 D
graphics chip in China due to tightened US government restrictions. The China
model has 10% fewer processing cores and will comply with US export controls.
The move follows the US government's aim to limit China's access to specialized
chips to slow down its AI capabilities. Nvidia has engaged with the US
government while developing the product and plans to release it in January. (BLOOMBERG.COM)

US Pressured Netherlands to Block China-Bound Chip Machinery
ASML, a
Dutch manufacturer of high-end chipmaking equipment, canceled shipments of its
machines to China at the request of the Biden administration. The US is cracking
down on Beijing's semiconductor industry, and the move is part of an effort to
restrict China's access to imported technology. ASML had licenses to ship the
machines to Chinese firms until new Dutch restrictions take effect. The US
pressure on ASML started in 2019, and the Dutch government tightened export
controls on China last year. (BLOOMBERG.COM)

Technology & Defense

Operation Triangulation: The Last (Hardware) Mystery
Larin summarizes the results of research into Operation
Triangulation, an attack targeting iPhones. The key finding is the discovery of
an undisclosed hardware feature that allows bypassing memory protections.
Through reverse engineering, Larin determined the feature likely belongs to the
GPU coprocessor and seems intended for debugging/testing. It is unknown how
attackers learned of this obscure feature not used by Apple firmware. Larin
concludes that while impressive, hardware security relying on obscurity rather
than fundamental protections remains vulnerable. (SECURELIST.COM)

Apple’s Highly Secure iPhone Lockdown Mode Is Surprisingly Usable
Apple's
Lockdown Mode, designed to offer extreme protection to users facing targeted
cyberattacks, has been found to be "surprisingly tolerable" during testing.
Enabling Lockdown Mode requires a PIN or biometric authentication, followed by a
reboot. While it restricts certain features like sharing links and using
HomeKit, it allows users to continue functioning normally with some minor
inconveniences. Lockdown Mode aims to make it harder for spyware vendors to
exploit vulnerabilities in iOS and macOS. (MACDAILYNEWS.COM)

New Malware Techniques Detected and Shared as Timely Threat Intelligence
Unit 42 summarizes new malware and cybercrime groups
observed from October to December 2023, shared via social media for timely
threat intelligence. Highlights include innovative exploitation methods for
DarkGate, IcedID delivery by TA577, and first public reporting on JinxLoader. By
quickly disseminating IOCs, TTPs and screenshots, defenders can customize
protections against emerging threats. Trends spotted across multiple posts help
inform more holistic security strategies. (PALOALTONETWORKS.COM)

Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout
Investigation uncovers an innovative DLL search order
hijacking technique that exploits executables in Windows’ trusted WinSxS folder
to run malicious code with minimal detection risk. The method works on Windows
10 and 11, needs no privileges or extra files, and enhances stealth by operating
within legitimate applications. Defenders should analyze processes and binary
behaviors for customized detection. (SECURITYJOES.COM)

US-China Chip War Leads to Restrictions on ASML Exports
The Dutch government
has ordered ASML, the world's leading chipmaking equipment manufacturer, to
limit shipments of two lithography systems to China. This comes as part of the
ongoing chip war between the US and China, with the US implementing export
measures to hinder China's high-end chip production ambitions. The Netherlands'
restrictions may impact relations with China and further escalate the chip war,
although experts argue that no country has a chance for semiconductor
independence. (THENEXTWEB.COM)

macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques
This article explores the evolving landscape of macOS
malware in 2023, highlighting trends such as infostealers prioritizing one-time
execution over persistence, targeted social engineering techniques, the use of
public offensive security tools, abuse of built-in tools, and multi-stage,
modular malware campaigns. It emphasizes the need for organizations to enhance
their security measures beyond Apple's built-in protections. (SENTINELONE.COM)

Vulnerabilities & Exploits

Google Password Resets Not Enough to Stop Info-Stealing Malware Strains
Security researchers have discovered
that info-stealing malware can still access compromised Google accounts even
after the passwords have been changed. This is due to a zero-day exploit in
Google's account security that allows cybercriminals to log back into a victim's
account and generate new session tokens. The exploit revolves around stealing
session tokens and can be used by malware to hijack accounts, even if the
password has been reset. The exploit has been implemented by several malware
families, and the root of the vulnerability lies in the undocumented Google
OAuth endpoint "MultiLogin." (THEREGISTER.COM)

Dangerous New Malware Uses Cookies to Break into Google Accounts
A cookie
vulnerability has been discovered that puts Google accounts at risk, even if
passwords are changed. Hackers can exploit session cookies used for user
authentication, bypassing passwords and gaining unauthorized access to accounts.
At least six malware groups are actively selling this exploit, making it
imperative for users to be cautious and consider changing their passwords if
they notice any abnormal activity on their accounts. Google is working on fixing
the issue, but there is no immediate way to know if one has been compromised in
such an attack. (ANDROIDPOLICE.COM)

'Operation Triangulation' Spyware Attackers Bypass iPhone Memory Protections
The "Operation Triangulation" APT campaign exploits
undocumented functions in Apple chips to evade hardware-based memory
protections, targeting iPhones through the iMessage app with zero-click attacks.
The sophisticated campaign leverages multiple vulnerabilities and poses a
persistent risk to user privacy and security. Experts recommend regular OS
updates, patching vulnerabilities, and implementing endpoint detection and
response solutions for protection. (DARKREADING.COM)

Orbit Chain Loses $86 Million in the Last Fintech Hack of 2023
Orbit
Chain, a blockchain platform, suffered a security breach resulting in the loss
of $86 million in cryptocurrency. The unauthorized transactions occurred on
December 31, 2023, and the attackers remain unidentified but show signs of being
sophisticated state-sponsored hackers possibly from North Korea. Orbit Chain is
collaborating with Korean authorities to investigate the incident. Scammers are
also using verified accounts on X to promote phishing sites for wallet draining
scams. (BLEEPINGCOMPUTER.COM)

"Triangulation" iPhone Spyware Used Apple Hardware Exploits Unknown to Almost Everyone
Kaspersky's report reveals details of the sophisticated
"Triangulation" spyware, exploiting undisclosed Apple hardware features. It uses
zero-click attacks, leaking microphone recordings and location data. The mystery
surrounding its development raises questions of collaboration between Apple, the
NSA, and spyware planting. Apple denies the allegations, suggesting skilled
hackers discovered the hidden functions independently. (TECHSPOT.COM)

Missing Chinese Student Was Victim of 'Cyber Kidnapping' Scam, Utah Police Say
A 17-year-old Chinese exchange student who went missing in Utah
was found unharmed, but appeared to be a victim of a "cyber kidnapping" scheme.
The scammers put the student under duress and convinced his family that he was
being held for ransom, prompting them to transfer $80,000 in ransom to bank
accounts in China. The crime involved tricking the family into believing that
the student had been abducted and coercing them into paying a ransom, even
though he had not actually been taken. (WASHINGTONPOST.COM)

Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for Session Hijacking
A critical exploit has been uncovered that allows
the generation of persistent Google cookies through token manipulation,
providing continuous access to Google services even after a password reset. The
exploit has rapidly spread among various malware groups, posing significant
cybersecurity implications. (CLOUDSEK.COM)

Workforce

Orbit Chain Loses $81M in Cross-Chain Bridge Hack
Cryptocurrency platform
Orbit Chain was exploited for $81 million after a hacker used privacy protocol
Tornado Cash to attack the project's Ethereum vault. Over 26,700 ETH and $18
million in stablecoins were drained but remain unmoved. The hack caused Orbit
Chain's total value locked to drop from $152 million to $71 million. Crypto
scams and hacks persisted in 2023 though at lower levels, highlighting lingering
security issues. (TEAMRORA.COM)

This Is Why 2024 Will Be a Good Year for Social Workers
Social workers
and cyber security managers will be among the most in-demand and highest paid
roles in 2024, predicts recruitment firm Hays. With nearly 1 million job
vacancies despite economic woes, Hays CEO Simon Winfield says ample
opportunities exist for career changers to highlight transferable skills. (CO.UK)

Essential Skills for Today’s Threat Analysts
Threat analysts in 2024 need
technical skills like programming and AI, as well as soft skills like attention
to detail and teamwork. The role is expanding to include cloud security and ML
tools, but human oversight is still crucial. Continuous learning, ethics, and
diverse hiring are important for success in threat hunting. (CSOONLINE.COM)