Russian national Vladimir Dunaev found guilty for developing TrickBot malware, facing up to 35 years in prison.
Europe’s commercial ports are top entry points for cocaine flooding in at record rates. The work of a Dutch hacker, who was hired by drug traffickers to penetrate port IT networks, reveals how this...
It’s been one year since the launch of ChatGPT, and since that time, the market has seen astonishing advancement of large language models (LLMs). Despite the pace of development continuing to outpace model security, enterprises are beginning to deploy LLM-powered applications. Many rely on guardrails implemented by model developers to prevent LLMs from responding to sensitive prompts. However, even with the considerable time and effort spent by the likes of OpenAI, Google, and Meta, these guardrails are not resilient enough to protect enterprises and their users today. Concerns surrounding model risk, biases, and potential adversarial exploits have come to the forefront.
In this blog, we explore the modus operandi of threat actors utilizing QR code attacks, by examining recent and widespread quishing campaigns detected by Trellix.
Qualcomm has disclosed details about three high-severity security vulnerabilities that were exploited in limited, targeted attacks in October 2023.
In this vulnerability disclosure report, we discuss details of 5Ghoul – a family of implementation-level 5G vulnerabilities. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek. Consequently, many 5G-capable commercial products such as smartphones, Customer-premises Equipment (CPE) routers and USB modems are potentially impacted due to the employment of vulnerable 5G modems in such products. In total, we have found 12 new vulnerabilities (14 total), out of which 10 affect 5G modems from Qualcomm and MediaTek. More importantly, three of these ten vulnerabilities are confirmed to have high severity. We also wrote a scraper to send crafted queries to https://www.kimovil.com/en/ and to have an estimate on the number of smartphone models affected due to these vulnerabilities. We found over 710 smartphone models that are currently in the market to be affected. We emphasize that the actual number of affected models might be more, as firmware code is often shared across different modem versions. In this disclosure report, we also demonstrate the exploitation of 5Ghoul vulnerabilities to drop and freeze 5G connection on smartphones and CPE routers. We also show downgrade attacks across multiple smartphones that result in downgrading the 5G connection to 4G.
In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has improved their detection evasion capabilities since 2022 while remaining focused on email credential theft against targets.
The Russia-based actor Star Blizzard (formerly known as SEABORGIUM, also known as Callisto Group/TA446/COLDRIVER/TAG-53/BlueCharlie) continues to successfully use spear-phishing attacks against targeted organizations and individuals in the UK, and other geographical areas of interest, for information-gathering activity.
The UK National Cyber Security Centre (NCSC), the US Cybersecurity and Infrastructure Security Agency (CISA), the US Federal Bureau of Investigation (FBI), the US National Security Agency (NSA), the US Cyber National Mission Force (CNMF), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ) assess that Star Blizzard is almost certainly subordinate to the Russian Federal Security Service (FSB) Centre 18.
The British government accused a unit of Russia’s Federal Security Service (FSB) on Thursday of using cyberattacks in a “sustained but unsuccessful” campaign to undermine democratic institutions in the country.
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.
Wasn't certain where to drop this but... woke up to a coworker texting me the attached photo. Luckily they renamed the PLC to "GAZA" and didn't actually do too much damage.
The company’s AirLink cellular routers are often used in critical infrastructure sectors, such as government and emergency services.
JTL security researchers discover how Lockdown Mode on iOS can be manipulated by a threat actor on compromised or jailbroken iPhones to trick users into believing that their device is protected by Lockdown Mode when in reality when in fact, it's not.
A new macOS Trojan-Proxy is riding on cracked versions of legitimate software; it relies on DNS-over-HTTPS to obtain a C&C (command and control) address.
Illegally distributed software historically has served as a way to sneak malware onto victims’ devices. Oftentimes, users are not willing to pay for software tools they need, so they go searching the Web for a “free lunch”. They are an excellent target for cybercriminals who realize that an individual looking for a cracked app will be willing to download an installer from a questionable website and disable security on their machine, and so they will be fairly easy to trick into installing malware as well.
Unidentified governments are surveilling smartphone users by tracking push notifications that move through Google's and Apple's servers, a US...
In a letter to the Department of Justice, Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications put the companies "in a unique position to facilitate government surveillance of how users are using particular apps," Wyden said. He asked the Department of Justice to "repeal or modify any policies" that hindered public discussions of push notification spying.
Unidentified governments are surveilling smartphone users via their apps' push notifications, a U.S. senator warned on Wednesday.
Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure.
As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.
Atlassian has released software fixes to address four critical flaws in its software that could lead to remote code execution.
A Moscow legal battle strongly indicates that phone forensics tools used by both the FBI and FSB are exploiting security loopholes in Apple’s operating system.
