SANS Reveals Top 5 Most Dangerous Cyberattacks for 2023
Expert instructors from the SANS Institute here yesterday detailed what they cite as the most dangerous forms of cyberattacks for 2023. Some of the key themes bubbling to the surface included the intersection of AI with attack patterns and the ways that attackers are taking advantage of highly flexible development environments. “This is my favorite…
Iranian ‘Educated Manticore’ Hackers Target Israel
Iranian hackers are deploying an updated backdoor apparently targeting Israeli academic researchers with an interest in Iraq. Researchers at Check Point Security said a group they have dubbed “Educated Manticore” is sending the Iraq-themed bait in order to coax users into initiating a new and improved infection chain that ends with deployment of an implant…
Google leaking 2FA secrets – researchers advise against new “account sync” feature for now
The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your mobile phone or…
‘Good’ AI Is the Only Path to True Zero-Trust Architecture
Threat actors armed with artificial intelligence (AI) tools like ChatGPT can pass the bar exam, ace an Advanced Placement biology course, and even create polymorphic malware. It’s up to the cybersecurity community to put AI to work to combat it. RSA CEO Rohit Ghai used the opening keynote of this year’s RSAC in San Francisco,…
PaperCut security vulnerabilities under active attack – vendor urges customers to patch
We’ll be honest, and admit that we hadn’t heard of the printer management software PaperCut until this week. In fact, the first time we heard the name was in the context of cybercriminality and malware attacks, and we naively assumed that “PaperCut” was what we like to call a BWAIN. A BWAIN is our satirical…
Experts released PoC Exploit code for actively exploited PaperCut flaw
Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the…
Double zero-day in Chrome and Edge – check your versions now!
If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based, has patched not…
American Bar Association (ABA) suffered a data breach,1.4 million members impacted
The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The…
‘EvilExtractor’ All-in-One Stealer Campaign Targets Windows User Data
A phishing campaign that launched in March and is actively targeting Microsoft operating system users in Europe and the US is making the rounds, using the EvilExtractor tool as its weapon of choice. Research this week from FortiGuard Labs details the EvilExtractor attack chain, explaining that it usually starts with a legitimate-seeming Adobe PDF or…
Intel Prioritizes Security in Latest vPro Chips
Intel is taking a new tack with the latest commercial PC chips announced last month: Instead of touting speed and performance, the company emphasized the chip’s security features. The chip giant has been working with security vendors in recent years to implement hardware-level protections on the chips to protect laptops from ransomware and malware attacks….
