closeup of hands on laptop keyboard

4 ways that ChatGPT is a clear and present threat to cybersecurity

Organizations that have not yet factored generative AI technologies into their cyber risk matrix might want to do so quickly. Security concerns related to the use of ChatGPT have exploded since Microsoft-backed OpenAI released the AI chatbot in November 2022. ChatGPT  set a record of sorts for the fastest adoption of a new technology soon […]

Read More
Enterprise Malware

Chinese APT actor targeting unpatched SonicWall devices in credential stealing campaign

New attacks are similar to those that other China-backed actors have carried out in recent years as part of cyber espionage and data theft campaigns against US companies. A likely China-based threat actor is targeting unpatched SonicWall Secure Mobile Access 100 Series (SMA100) devices with highly persistent malware for stealing user credentials and providing the […]

Read More
Breaches Vulnerabilities

APT37 using South Korea stampede themed lure to exploit new IE zero-day flaw

Microsoft patched flaw after Google TAG researchers reported it to the company in October. Microsoft has patched a zero-day vulnerability in Internet Explorer’s Jscript engine after researchers from Google’s Threat Analysis Group (TAG) informed the company about seeing North Korea’s APT37 group using it in attacks against South Korean targets. The zero-day flaw (CVE-2022-41128) stems […]

Read More

Destructive “CryWiper” disk-wiping malware is on the loose

Tool masquerades as ransomware but overwrites and destroys data making it unrecoverable, Kaspersky warns Security researchers at Kaspersky have spotted a new disk wiping malware tool dubbed CryWiper landing on target systems, disguised as ransomware. So far, researchers at the security vendor have only observed the operator of the malware deploy CryWiper in “pinpoint attacks” […]

Read More
Breaches Supply Chain

August intrusion into LastPass development environment results in 2nd breach

Password management company says a threat actor used information from previous breach to access customer information. When a threat actor manages to gain access to an organization’s software development environment, bad things can happen. The latest to learn that lesson the hard way is password management vendor LastPass which in August 2022 experienced an incident […]

Read More
Breaches Supply Chain Vulnerabilities

Magecart actors ramp up exploit attempts against Magento/Adobe Commerce vulnerability

Sansec says it has observed more probes in November against the now-patched zero-day flaw (CVE-2022-24086) than the rest of the year combined. Seven threat groups affiliated with the Magecart cybercrime syndicate have begun heavily targeting a critical, arbitrary code execution vulnerability in the Magento 2 and Adobe Commerce platform that powers tens of thousands of […]

Read More
Breaches Enterprise Vulnerabilities

7 vulnerabilities that federal agencies MUST address by Nov 29

Four of the vulnerabilities are Windows zero-day bugs that Microsoft disclosed in its November security update; three affect Samsung mobile devices. The US Cybersecurity and Infrastructure Security Agency’s (CISA) Binding Operational Directive 22-01 issued in Nov. 2021 requires all federal civilian executive branch agencies to address software bugs that are listed in CISA’s Known Exploited […]

Read More
Breaches Emerging Threats Malware

Australian Federal Police say Russian threat actor behind Medibank breach

“We will be holding talks with Russian law enforcement about these individuals,” AFP Commissioner says [300 words]. What: The Australian Federal Police (AFP) has identified the threat actor behind the catastrophic attack on health-insurer Medibank as being a Russia-based group. In a statement Friday, AFP Commissioner Reece Kershaw said that investigators had managed to trace […]

Read More
Breaches Enterprise Malware

Russia’s Iridium group deploying new ransomware payload

Prestige ransomware marks dangerous shift in strategy for threat actor Microsoft says [299 words]. What: Security researchers at Microsoft have spotted Russia-based threat group Iridium dropping a new ransomware payload dubbed “Prestige” on systems belonging to organizations in Ukraine and Poland. The Prestige campaign marks a broadening of focus for Iridium from its usual destructive […]

Read More
Enterprise Vulnerabilities

NSA recommends organizations make strategic shift to memory-safe languages

Programming languages such as C and C++ rely too heavily on the programmer not making memory-related mistakes, agency says [300 words]. What: NSA says organizations should consider making a strategic shift from programming languages such as C/C++ to “memory-safe” languages such as C#, Go, Java, Ruby and Swift. With these languages, memory management does not […]

Read More