Infosec News

InfoSec News 20230116

  • Publicado: Seg, 16/01/2023 - 12:31

Top News

  • NortonLifeLock warns that hackers breached Password Manager accounts

"Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks.
According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the company but from account compromise on other platforms.

InfoSec News 20230113

  • Publicado: Sex, 13/01/2023 - 13:44

Top News

  • Android TV box on Amazon came pre-installed with malware

"Artificial intelligence and machine learning (AI/ML) models have already shown some promise in increasing the sophistication of phishing lures, creating synthetic profiles, and creating rudimentary malware, but even more innovative applications of A Canadian systems security consultant discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware.

InfoSec News 20230112

  • Publicado: Qui, 12/01/2023 - 11:42

Top News

  • Twitter claims leaked data of 200M users not stolen from its systems

"Twitter finally addressed reports that a dataset of email addresses linked to hundreds of millions of Twitter users was leaked and put up for sale online, saying that it found no evidence the data was obtained by exploiting a vulnerability in its systems. 

InfoSec News 20230111

  • Publicado: Qua, 11/01/2023 - 12:44

Top News

  • StrongPity hackers target Android users via trojanized Telegram app

"The StrongPity APT hacking group is distributing a fake Shagle chat app that is a trojanized version of the Telegram for Android app with an added backdoor.
Shagle is a legitimate random-video-chat platform allowing strangers to talk via an encrypted communications channel. However, the platform is entirely web-based, not offering a mobile app.

InfoSec News 20230110

  • Publicado: Ter, 10/01/2023 - 14:23

Top News

  • Microsoft to throw $10 billion at ChatGPT - media

"Microsoft is thinking of investing $10 billion into OpenAI, the owner of ChatGPT, AI-based chatbot. The move would boost the value of the San Francisco-based firm to $29 billion.
The funding includes other venture firms and deal documents were sent to prospective investors in recent weeks, with the aim to close the round by the end of 2022, Semafor reported, citing people familiar with the matter.

InfoSec News 20230109

  • Publicado: Seg, 09/01/2023 - 12:20

Top News

  • Microsoft ends Windows 7 extended security updates on Tuesday

"Windows 7 Professional and Enterprise editions will no longer receive extended security updates for critical and important vulnerabilities starting Tuesday, January 10, 2023.
Microsoft launched the legacy operating system in October 2009. It then reached its end of support in January 2015 and its extended end of support in January 2020.

InfoSec News 20230106

  • Publicado: Sex, 06/01/2023 - 12:40

Top News

  • Bitdefender releases free MegaCortex ransomware decryptor

"Antivirus company Bitdefender has released a decryptor for the MegaCortex ransomware family, making it possible for victims of the once notorious gang to restore their data for free.
The creation of the decryptor was the combined work of Bitdefender analysts and experts from Europol, the NoMoreRansom Project, and the Zürich Public Prosecutor's Office and Cantonal Police.

InfoSec News 20230105

  • Publicado: Qui, 05/01/2023 - 14:09

Top News

  • Bluebottle hackers used signed Windows driver in attacks on banks

"A signed Windows driver has been used in attacks on banks in French-speaking countries, likely from a threat actor that stole more than $11 million from various banks.
The activity and targets fit the profile of the OPERA1ER hackers that have been attributed at least 35 successful attacks between 2018 and 2020.

InfoSec News 20230104

  • Publicado: Qua, 04/01/2023 - 15:35

Top News

  • Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

"More than 60,000 Microsoft Exchange servers exposed online are yet to be patched against the CVE-2022-41082 remote code execution (RCE) vulnerability, one of the two security flaws targeted by ProxyNotShell exploits."

Link

TLP1 : Green

InfoSec News 20230103

  • Publicado: Ter, 03/01/2023 - 15:18

Top News

  • Raspberry Robin Worm Evolves to Attack Financial and Insurance Sectors in Europe

"Financial and insurance sectors in Europe have been targeted by the Raspberry Robin worm, as the malware continues to evolve its post-exploitation capabilities while remaining under the radar."

Link

TLP1 : Green

Páginas