Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack

/in

Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread as the victim pool widens.

The post Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Unfurling Hemlock Threat Actor Floods Systems with Malware

/in

Unfurling Hemlock is using a new method, referred to as a “malware cluster bomb,” which allows the threat actor to use one malware sample to spread additional malware on compromised machines.

Cyware News – Latest Cyber News – ​Read More

Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data

/in

The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort.
Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,

The Hacker News – ​Read More

Hundreds of Thousands Impacted in Children’s Hospital Cyberattack

/in

Though the Chicago-area hospital did not pay a ransom, a host of sensitive medical information is now at risk.

darkreading – ​Read More

LMSYS launches ‘Multimodal Arena’: GPT-4 tops leaderboard, but AI still can’t out-see humans

/in

LMSYS’s new Multimodal Arena reveals GPT-4 leads in AI vision tasks, but benchmark results show even top models lag behind human visual understanding and reasoning capabilities.Read More

Security News | VentureBeat – ​Read More

LockBit Attack Targets Evolve Bank, Not Federal Reserve

/in

The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansas-based bank, Evolve.

darkreading – ​Read More

Remote Access Giant TeamViewer Says Russian Spies Hacked Its Corporate Network

/in

TeamViewer, a leading provider of remote access tools, has confirmed that its corporate network is currently under a cyberattack. The company has identified the attackers as a government-backed Russian intelligence group known as APT29.

Cyware News – Latest Cyber News – ​Read More

Chrome to Distrust Entrust Certificates by November 2024

/in

From Entrust to Distrust!

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

/in

GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user.
The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3, and 16.11.5.
The most severe of the

The Hacker News – ​Read More

Malware Peddlers Experimenting with BPL Sideloading and Masking Malicious Payloads as PGP Keys

/in

The campaign involves a Bollywood pirate movie download site leading to a Bunny content delivery platform, which then points to a ZIP file. Inside the ZIP file, there is another password-protected ZIP file with a text file containing the password.

Cyware News – Latest Cyber News – ​Read More