Update: Schneider Electric hit by Cactus ransomware
Update 20/02/2024 - The Cactus hackers claim to have stolen 1.5TB of data. As proof, they leaked 25MB of the data on the dark web. They also published snapshots of US citizens' passports and scans of documents with a non-disclosure agreement.
Original - French multinational Schneider Electric ha...
28,500 Microsoft Exchange servers vulnerable
Update 20/02/2024 - 28,500 Microsoft Exchange servers have now been confirmed to be vulnerable to elevation of privilege. This puts affected organisations worldwide at significant risk, as many users are connected to Exchange for their work.
The attack surface may be even larger. Indeed, threat ...
Netherlands extradites suspect behind Raccoon Infostealer to the US
The suspect behind the Raccoon Infostealer malware, who was arrested in the Netherlands, was recently extradited to the United States. The court in The Hague already ruled last year that the extradition request could be granted.
The extradition by the Netherlands is important for the U.S. intelligence community to ...
Google brings Magika for file detection with AI to the open source community
Google recently made its Google Magika technology open source. The technology uses AI and helps security specialists accurately identify files.
Google Magika technology works with a self-developed, highly optimized deep learning model, the tech giant indicates. This model is trained using the s...
Google enhances Chrome security for remote workers
Google will soon begin testing Private Network Access (PNA) technology in the Enterprise and Education versions of its Chrome browser. The addition will provide enhanced security aimed primarily at remote workers.
According to the tech giant, the new feature in its Chrome b...
BMW private keys and logins were stored on public Azure server
A misconfiguration of a Microsoft Azure server at BMW leaked sensitive company information. This was discovered by a SOCRadar researcher during a routine Internet scan, reports TechCrunch.
According to TechCrunch, Can Yoleri, a security researcher at SOCRadar, discovered the misconfigured and th...
‘Weakening encryption is undemocratic’: no place for client-side scanning?
The European Court of Human Rights (ECHR) recently ruled against laws and legislative proposals, saying that weakening end-to-end encryption of messaging services is not proportionate. Such measures would also have no place in a democratic society.
In the recent ruling, the ECHR indicates that end-to-end...
State hackers actively misuse AI for debugging and malware creation
State-sponsored hackers from several countries actively use AI and LLMs to support their attack campaigns. Microsoft and OpenAI share how they are leveraging their research results to improve the security of AI tools.
According to Microsoft and OpenAI, state-sponsored hackers increasingly use AI...
Infoblox SOC Insights brings DNS insights to security teams
DNS and network data contain much information about potential emerging and existing cyber threats. With the introduction of SOC Insights, Infoblox is bringing this data to the Security Operations Center.
Infoblox originally comes from the networking world, focusing on the Domain Name System comb...
Hackers exploit Windows Defender zero-day for DarkMe malware
A zero-day vulnerability in Windows Defender SmartScreen was recently exploited to spread the DarkMe malware. Microsoft has since released a patch to fix the vulnerability.
The zero-day, designated CVE-2024-21412, enabled the Water Hydra and DarkCasino hacker gang to spread the DarkMe remote access t...