Meta’s Mega-Move Against Covert Influence Ops Main Points Meta breaks up two behemoth covert influence operations originating from China and Russia. More than 50 apps targeted, including Facebook, Instagram, TikTok, Reddit, and many more. Thousands of accounts and pages blocked across Meta’s platform. Masterstroke by Meta Meta played a game of whack-a-mole and bashed two
Read More
# Main Points: – An unknown threat actor is exploiting high-severity security flaws in the MinIO high-performance object storage system. – Cybersecurity firm Security Joes noticed the intrusion, which employed a publicly available exploit chain to backdoor the MinIO instance. – The weakness comprised CVE-2023-28432 (CVSS score: 7.5) and another unspecified vulnerability. ## Don’t MinIO
Read More
X’s New Privacy Policy: Biometric Data to Improve Safety – The popular social media platform X, once known as Twitter, has made major updates to its privacy policy. – The company has announced plans to start collecting biometric data from users in order to counter fraud and fake accounts. – The new policy is intended
Read More
Smishing Scam Targets US, iMessages are the Medium of Mischief Overview: Large-scale smishing campaign is reaching into the U.S., utilizing compromised Apple iCloud accounts to send iMessages. This campaign aims to commit identity theft and financial fraud. The threat operators, mainly Chinese-speaking, are running a package-tracking text scam on iMessage. The intention is to collect
Read More
AI Hype Isn’t Matching Reality – Robots aren’t Here to Grab Your Job Yet Main points: Fears and fantasies about Artificial Intelligence (AI) replacing humans are largely exaggerated. AI’s real impact is in augmenting human decision-making, not replacing it. Businesses should leverage AI tools to improve workflows and productivity, rather than replace employees. AI can
Read More
Advertising as Malware: A Cybercrime Trend From Vietnam Main Points: Vietnamese cyber attackers are exploiting Ad channels on social media platforms like Facebook to spread malware. Fraudulent ads have been traditionally again used to target victims with scams, malvertising, and more. The large amount of businesses now advertising on social media has made it an
Read More
Malware Sneaks In Via Stacked PDFs: Embedding Word Docs Hacks New Path MalDoc in PDF Technique The cybersecurity world never sleeps, and the boogie-man that goes bump in the byte is stirring once again. Researchers have spotlighted a novel antivirus evasion method that involves posing malicious Microsoft Word files as harmless PDF files. That’s right,
Read More
Unraveling A Recently Patched Flaw in VMware Aria Operations for Networks Availability of Proof-of-concept (PoC) exploit code for a recently disclosed flaw in VMware Aria Operations for Networks, previously known as vRealize Network Insight. The vulnerability, CVE-2023-34039, is rated 9.8/10 in terms of severity. The flaw has been identified as an issue of authentication bypass
Read More
Identity Service Provider Okta Raises Alarm Over Social Engineering Attacks Okta, an identity services provider, has announced a surge in social engineering attacks targeted at gaining administrative permissions. In the past few weeks, several US-based Okta customers have spotted a consistent pattern in these attacks, which majorly involve ‘conning’ IT service desk personnel. The attackers’
Read More
A New Ransomware Strain Attacks: Poorly Secured MS SQL Servers Under Siege Main Points Threat actors exploit insecure Microsoft SQL (MS SQL) servers using Cobalt Strike and ransomware named FreeWorld. Cybersecurity firm Securonix has named the campaign DB#JAMMER, highlighting the unique application of its toolset and infrastructure. This toolkit comprises of enumeration software, RAT payloads,
Read MoreNo products in the cart.