The DIB Vulnerability Disclosure Program (DIB-VDP), a joint venture between the DoD Cyber Crime Center (DC3), the Defense Counterintelligence and Security Agency (DCSA), and HackerOne, will bring better vulnerability disclosure practices to the DIB. This article has been indexed from…
Category: Cyware News – Latest Cyber News
Study: GPT-4 Agent can Exploit Unpatched Vulnerabilities
Academics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advisories, it can exploit unpatched “real-world” vulnerabilities without precise technical information. This article has been indexed from Cyware News – Latest Cyber News…
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining
The GuptiMiner malware campaign, discovered by Avast, involved hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers. The campaign was orchestrated by a threat actor with possible ties to Kimsuky. This article has been indexed from Cyware News…
CISA to Issue List of Software Products Critical to Agency Security by End of September
The Cybersecurity and Infrastructure Security Agency is targeting a September 30 deadline to give federal agencies a list of example software products deemed critical for the federal government’s cyber posture. This article has been indexed from Cyware News – Latest…
Microsoft Warns of North Korean Hackers Turning to AI-Fueled Cyber Espionage
Microsoft specifically highlighted a group named Emerald Sleet (aka Kimusky or TA427), which has been observed using LLMs to bolster spear-phishing efforts aimed at Korean Peninsula experts. This article has been indexed from Cyware News – Latest Cyber News Read…
Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar
A phishing campaign exploiting a bug in Nespresso’s website has been able to evade detection by taking advantage of security tools that fail to look for malicious nested or hidden links. This article has been indexed from Cyware News –…
HHS Beefs Up Privacy Protection for Reproductive Health Info
Doctors, clinics and other providers are prohibited from disclosing protected health information related to lawful reproductive healthcare, according to a final rule released Monday by federal regulators to “strengthen” HIPAA privacy. This article has been indexed from Cyware News –…
Russian Sandworm Hackers Targeted 20 Critical Organizations in Ukraine
CERT-UA reports that in March 2024, APT44 conducted operations to disrupt information and communication systems at energy, water, and heating suppliers in 10 regions of Ukraine. This article has been indexed from Cyware News – Latest Cyber News Read the…
Behavioral Patterns of Ransomware Groups are Changing
The ransomware landscape has undergone significant changes in Q1 2024, with major shifts in the behavior of Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security’s GRIT Q1 2024 Ransomware Report. This article has been indexed from Cyware News – Latest Cyber…
GitLab Affected by GitHub-Style CDN Flaw Allowing Malware Hosting
Similar to a recently reported issue in GitHub, users can abuse the “comments” feature in GitLab to upload malware to any repository without the repository owner’s knowledge. This article has been indexed from Cyware News – Latest Cyber News Read…