Collaborate Disseminate
Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s worth of APT campaign data they collected from the 200,000+ SMBs that have thei… Continue reading How APTs target SMBs
Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low volume, targeted, and use trusted cloud services to send emails and host content… Continue reading Phishers use encrypted file attachments steal Microsoft 365 account credentials
A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of public exploits One notable aspect of the attackers leveraging the Buhti ransom… Continue reading New Buhti ransomware uses leaked payloads and public exploits
A clever phishing campaign aimed at stealing users’ business email account credentials by impersonating OpenAI, the company behind the ChatGPT chatbot, has been spotted by Inky researchers. The attack ChatGPT has quickly gained popularity and is … Continue reading Phishing campaign targets ChatGPT users
A 28-year-old former IT employee of an Oxford-based company has been convicted of blackmailing his employer and unauthorized access to a computer with intent to commit other offences, after pleading guilty during a hearing at Reading Crown Court, Engla… Continue reading IT employee piggybacked on cyberattack for personal gain
Error messages that ChatGPT and other AI language models generate can be used to uncover disinformation campaigns, hate speech and fake reviews via OSINT collection and analysis, says Nico Dekens, director of intelligence at ShadowDragon. AI-generated … Continue reading Simple OSINT techniques to spot AI-fueled disinformation, fake reviews
Researchers have developed DarkBERT, a language model pretrained on dark web data, to help cybersecurity pros extract cyber threat intelligence (CTI) from the Internet’s virtual underbelly. DarkBERT pretraining process and evaluated use case scen… Continue reading DarkBERT could help automate dark web mining for cyber threat intelligence
Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the wild. About th… Continue reading Cisco fixes critical flaws in Small Business Series Switches
A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point researchers. Custom malicious firmware for TP-Link routers The malicious firmw… Continue reading TP-Link routers implanted with malicious firmware in state-sponsored attacks
A week after Twitter announced it will be removing idle accounts after 30 days of inaction, Google has updated its account inactivity policy. Updates to the Google account inactivity policy Google says that the updated policy is effective immediately, … Continue reading Inactive Google accounts will be deleted