Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network.
The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts all operating systems that implement a DHCP client and has
The Hacker News – Read More
China-based cybercriminal group “BogusBazaar” created tens of thousands of fraudulent online stores based on expired domains to steal payment credentials.
darkreading – Read More
Tech giant notifies millions of customers that full names and physical mailing addresses were stolen during a security incident.
The post Dell Says Customer Names, Addresses Stolen in Database Breach appeared first on SecurityWeek.
SecurityWeek – Read More
Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28.
“The campaign sent emails with content intended to arouse the recipient’s interest and persuade him to click on the link,” the computer emergency response team, CERT Polska, said in a Wednesday bulletin.
Clicking on the link
The Hacker News – Read More
Boeing confirmed to CyberScoop that it is the unnamed multinational aeronautical and defense corporation referenced in an indictment unsealed Tuesday by the U.S. Department of Justice.
Cyware News – Latest Cyber News – Read More
The Cobalt State of Pentesting Report highlights the challenges faced by the cybersecurity industry in balancing the use of AI and protecting against it, amidst significant workforce reductions and resource constraints.
Cyware News – Latest Cyber News – Read More
Poland’s CERT-PL said on Wednesday that it had observed a large-scale malware campaign, likely carried out by the hacker group APT28, also known as Fancy Bear, associated with Russia’s military intelligence agency, the GRU.
Cyware News – Latest Cyber News – Read More
Researchers have not identified any AI-engineered cyberattack campaigns, yet, but they say it’s only a matter of time before an AI system is dominant enough in the market to draw attention.
Cyware News – Latest Cyber News – Read More
The CISA announced the first round of commitments at the RSA Conference on Wednesday, with Director Jen Easterly warning that it was necessary because of widespread hacking campaigns by nation-states like China.
Cyware News – Latest Cyber News – Read More
When not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems.
The post Criminal Use of AI Growing, But Lags Behind Defenders appeared first on SecurityWeek.
SecurityWeek – Read More