2024
Iran named as source of Trump campaign phish, leaks
Political stirrer Roger Stone may have been a weak link after personal emails cracked US authorities have named Iran as the likely source of a recent attack on the campaign of the US Republican Party's presidential nominee, Donald Trump.…
Digital wallets can allow purchases with stolen credit cards
Researchers find it's possible to downgrade authentication checks, and shabby token refresh policies Digital wallets like Apple Pay, Google Pay, and PayPal can be used to conduct transactions using stolen and cancelled payment cards, according to academic security researchers.…
OpenAI kills Iranian accounts using ChatGPT to write US election disinfo
12 on X and one on Instagram caught in the crackdown OpenAI has banned ChatGPT accounts linked to an Iranian crew suspected of spreading fake news on social media sites about the upcoming US presidential campaign.…
Multiple flaws in Microsoft macOS apps unpatched despite potential risks
Windows giant tells Cisco Talos it isn't fixing them Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges.…
National Public Data tells officials ‘only’ 1.3M people affected by intrusion
Investigators previously said the number was much, much higher The data broker at the center of what may become one of the more significant breaches of the year is telling officials that just 1.3 million people were affected.…
RansomHub-linked EDR-killing malware spotted in the wild
Also: Your external-facing NetSuite sites need a review; five popular malware varieties for Q2, and more Infosec in brief Malware that kills endpoint detection and response (EDR) software has been spotted on the scene and, given it's deploying RansomHub, it could soon be prolific.…
After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves
Names, addresses, Social Security numbers, more all out there A Florida firm has all but confirmed that millions of people's sensitive personal info was stolen from it by cybercriminals and publicly leaked.…
Unicoin hints at potential data meddling after G-Suite compromise
Attacker locked out all staff for four days The cryptocurrency offshoot of reality TV and entrepreneurship show Unicorn Hunters has confirmed that an unknown attacker compromised its G-Suite, locking all staff out of their accounts.…
Navigating the future of cybersecurity
Take a deep dive into the world of emerging cyber threats and defense strategies with Cloudflare Webinar In a world where cyber threats are continually evolving, staying informed is critical for IT and security professionals.…
DARPA, ARPA-H award $14m to 7 AIxCC semifinalists, with a catch
Teams wanting the cash have to commit to handing their models to OpenSSF after next year's final One year after it began, the DARPA AI Cyber Challenge (AIxCC) has whittled its pool of contestants down to seven semifinalists.…