The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. "During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and [...]

Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware," Trend Micro [...]

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.7) - Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability [...]

Over the last eighteen months or so, a motley group of teenagers under the banner of Lapsus$ managed to hack into “unbreachable” fortresses at tech giants such as Okta, T-Mobile, Nvidia, Microsoft, and Globant using unsophisticated but creative and persistent techniques. While the group’s goals were unclear and differing – fluctuating [...]

Heads-up, Apple-in-the-enterprise admins. One of the biggest annual events for Apple IT professionals, Jamf Nation User Conference, rolled around this week in Austin, TX. Led by new CEO John Strosahl, the company offered up a range of announcements, improvements, and insights from third-party presenters, including Cisco CIO Fletcher Previn. Michael Covington, Jamf [...]

Meta focused on bringing mixed reality to the masses at its Connect developer conference this week, rolling out its Meta Quest 3 headset with an emphasis on entertainment and gaming. But the company sees potential uses in the workplace, too. In particular, the Quest 3 headset’s “pass-through” feature is designed [...]

Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.," [...]

As I work with financial services and banking organizations around the world, one thing is clear: AI and generative AI are hot topics of conversation. These conversations are so weighty, they are happening at the boardroom level.  I get it. Financial organizations want to capture generative AI’s tremendous potential while mitigating [...]

Generative AI (GenAI) is not just the topic of the hour – it may well be the topic of the decade and beyond. Until a year ago, when people suggested that AI was already mainstream and asked what the next big thing would be, I replied that we had not [...]

Facebook parent Meta this week rolled out plans for various chatbots for US consumers that are embedded into specific applications, including WhatsApp, Messenger, and Instagram.The new Meta AI bot, currently in beta, is powered by various iterations of Meta’s Llama 2 large language model (LLM). The difference between Meta’s LLM [...]

If any technology has captured the collective imagination in 2023, it’s generative AI — and businesses are beginning to ramp up hiring for what in some cases are very nascent gen AI skills, turning at times to contract workers to fill gaps, pursue pilots, and round out in-house AI project teams. Analyzing [...]

While France’s competition watchdog did not confirm the identity of the entity being investigated, it said that the raids were conducted in the graphics cards sector. [...]

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia. [...]

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. [...]

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. [...]