The Google Authenticator 2FA app has featured strongly in cybersecurity news stories lately, with Google adding a feature to let you backup your 2FA data into the cloud and then restore it onto other devices. To explain, a 2FA (two-factor authentication) app is one of those programs that you run on your mobile phone or…
Threat actors armed with artificial intelligence (AI) tools like ChatGPT can pass the bar exam, ace an Advanced Placement biology course, and even create polymorphic malware. It’s up to the cybersecurity community to put AI to work to combat it. RSA CEO Rohit Ghai used the opening keynote of this year’s RSAC in San Francisco,…
We’ll be honest, and admit that we hadn’t heard of the printer management software PaperCut until this week. In fact, the first time we heard the name was in the context of cybercriminality and malware attacks, and we naively assumed that “PaperCut” was what we like to call a BWAIN. A BWAIN is our satirical…
Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the…
If you’re a Google Chrome or Microsoft Edge browser fan, you’re probably getting updates automatically and you’re probably up to date already. However… …just in case you’ve missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based, has patched not…
The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The ABA has 166,000 members as of 2022. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018. The…
A phishing campaign that launched in March and is actively targeting Microsoft operating system users in Europe and the US is making the rounds, using the EvilExtractor tool as its weapon of choice. Research this week from FortiGuard Labs details the EvilExtractor attack chain, explaining that it usually starts with a legitimate-seeming Adobe PDF or…
Intel is taking a new tack with the latest commercial PC chips announced last month: Instead of touting speed and performance, the company emphasized the chip’s security features. The chip giant has been working with security vendors in recent years to implement hardware-level protections on the chips to protect laptops from ransomware and malware attacks….
The Trigona ransomware threat actors are waging a campaign against Microsoft SQL database servers because many of them have external connections and weak passwords, leaving them open targets for brute force or dictionary attacks. These vulnerable MS-SQL servers were designated as “poorly managed” by AhnLab Security’s new alert about Trigona’s nefarious activities. “If a threat…
Not every data breach needs a hacker; sometimes just a careless employee will do. The U.S. Consumer Financial Protection Bureau said a now-ex-employee sent records containing Americans’ private data to a personal email account. Over the course of 14 emails, the employee sent records including two spreadsheets containing names and transaction-specific account numbers related to…
Google leaking 2FA secrets – researchers advise against new “account sync” feature for now
