China’s Surveillance State Is Selling Citizen Data as a Side Hustle

Chinese black market operators are openly recruiting government agency insiders, paying them for access to surveillance data and then reselling it online—no questions asked.

Source: Security Latest

Exploitation Attempts Target Citrix Session Recording Vulnerabilities

Exploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069.

Source: SecurityWeek

5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme

Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting employees of companies across the country using social engineering techniques to harvest credentials and using them to gain unauthorized access to sensitive data and break into crypto accounts to steal digital assets worth millions of dollars.
All of the accused parties have been

Source: The Hacker News

Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, including a medium-severity flaw in the OpenSSL cryptographic library.
“These particular vulnerabilities represent a milestone for automated vulnerability finding: each was found with AI, using AI-generated and enhanced fuzz targets,”

Source: The Hacker News

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

Threat hunters are warning about an updated version of the Python-based NodeStealer that’s now equipped to extract more information from victims’ Facebook Ads Manager accounts and harvest credit card data stored in web browsers.
“They collect budget details of Facebook Ads Manager accounts of their victims, which might be a gateway for Facebook malvertisement,” Netskope Threat Labs researcher

Source: The Hacker News

US Gathers Allies to Talk AI Safety as Trump’s Vow to Undo Biden’s AI Policy Overshadows Their Work

Trump promised in his presidential campaign platform to “repeal Joe Biden’s dangerous Executive Order that hinders AI Innovation, and imposes Radical Leftwing ideas on the development of this technology.”

Source: SecurityWeek

FBI says BianLian based in Russia, moving from ransomware attacks to extortion

The ransomware group has drawn scrutiny for attacks on charities like Save The Children as well as healthcare firms like Boston Children’s Health Physicians. On Tuesday, it took credit for an attack on a Canadian healthcare company.

Source: The Record from Recorded Future News

Phobos ransomware indictment sheds light on long-running, quietly successful scheme

The document sheds light on a durable cybercrime operation that has drawn serious attention from security researchers and law enforcement agencies, even though it has kept a lower profile than other ransomware gangs.

Source: The Record from Recorded Future News

It’s Near-Unanimous: AI, ML Make the SOC Better

Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say AI and ML are winning that game.

Source: darkreading

China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data

In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.

Source: darkreading