August 2024

Digital wallets can allow purchases with stolen credit cards

Researchers find it's possible to downgrade authentication checks, and shabby token refresh policies Digital wallets like Apple Pay, Google Pay, and PayPal can be used to conduct transactions using stolen and cancelled payment cards, according to academic security researchers.…

OpenAI kills Iranian accounts using ChatGPT to write US election disinfo

12 on X and one on Instagram caught in the crackdown OpenAI has banned ChatGPT accounts linked to an Iranian crew suspected of spreading fake news on social media sites about the upcoming US presidential campaign.…

Multiple flaws in Microsoft macOS apps unpatched despite potential risks

Windows giant tells Cisco Talos it isn't fixing them Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges.…

National Public Data tells officials ‘only’ 1.3M people affected by intrusion

Investigators previously said the number was much, much higher The data broker at the center of what may become one of the more significant breaches of the year is telling officials that just 1.3 million people were affected.…

RansomHub-linked EDR-killing malware spotted in the wild

Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more Infosec in brief  Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific.…

After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves

Names, addresses, Social Security numbers, more all out there A Florida firm has all but confirmed that millions of people's sensitive personal info was stolen from it by cybercriminals and publicly leaked.…

Unicoin hints at potential data meddling after G-Suite compromise

Attacker locked out all staff for four days The cryptocurrency offshoot of reality TV and entrepreneurship show Unicorn Hunters has confirmed that an unknown attacker compromised its G-Suite, locking all staff out of their accounts.…

Navigating the future of cybersecurity

Take a deep dive into the world of emerging cyber threats and defense strategies with Cloudflare Webinar  In a world where cyber threats are continually evolving, staying informed is critical for IT and security professionals.…

DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch

Teams wanting the cash have to commit to handing their models to OpenSSF after next year's final One year after it began, the DARPA AI Cyber Challenge (AIxCC) has whittled its pool of contestants down to seven semifinalists.…

Google raps Iran’s APT42 for raining down spear-phishing attacks

US politicians and Israeli officials among the top targets for the IRGC’s cyber unit Google has joined Microsoft in publishing intel on Iranian cyber influence activity following a recent uptick in attacks that led to data being leaked from the Trump re-election campaign.…

Copyright © 2024 Lugapel