Users looking for ChatGPT apps get malware instead
The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cyber criminals: they are exploiting the public’s eagerness to experiment with it to …
Most vulnerabilities associated with ransomware are old
Researchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 – marking a 19% increase year-over-year. …
Malware that can do anything and everything is on the rise
“Swiss Army knife” malware – multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls – is on …
Novel face swaps emerge as a major threat to biometric security
Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility …
A glut of wiper malware hits Ukrainian targets
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. …
What makes small and medium-sized businesses vulnerable to BEC attacks
According to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – …
A closer look at malicious packages targeting Python developers
In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie
The attackers who pulled off the recent breach of continuous integration and continuous delivery (CI/CD) platform maker CircleCI got in by compromising an engineer’s …
Attackers abuse business-critical cloud apps to deliver malware
Over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, and 30% of all cloud malware downloads in 2022 originated from …
Attackers evolve strategies to outmaneuver security teams
Attackers are expected to broaden their targeting strategy beyond regulated verticals such as financial services and healthcare. Large corporations (41%) will be the top …
Threat predictions for 2023: From hacktivism to cyberwar
When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing …
Featured news
Resources
Don't miss
- AI voice hijacking: How well can you trust your ears?
- CTM360 maps out real-time phishing infrastructure targeting corporate banking worldwide
- Malicious RVTools installer found on official site, researcher warns
- AI hallucinations and their risk to cybersecurity operations
- Why EU encryption policy needs technical and civil society input