Tag: computer
-
Microsoft took legal action against crooks who developed a tool to abuse its AI-based services
In December, Microsoft sued a group for creating tools to bypass safety measures in its cloud AI products. Microsoft filed a complaint with the Eastern District Court of Virginia against ten individuals for using stolen credentials and custom software to breach computers running Microsoft’s Azure OpenAI services to generate content for harmful purposes. >>Defendants used…
-
DNA sequencer vulnerabilities signal firmware issues across medical device industry
Tags: access, advisory, attack, best-practice, computer, computing, control, credentials, data, exploit, firmware, flaw, Hardware, iot, leak, malicious, malware, mitigation, privacy, rce, remote-code-execution, risk, side-channel, software, supply-chain, update, vulnerability, windowsIn highlighting vulnerabilities in a widely used DNA gene sequencing device, security researchers have brought further attention to the likely poor state of security in the medical device industry, where hardware and firmware development is often outsourced to external equipment manufacturers under questionable support contracts.The device, Illumina’s iSeq 100 compact DNA sequencer, is used by…
-
Casio Discloses Data Leak Following Ransomware Attack
Casio Computer Co., Ltd. has disclosed the results of its investigation into a ransomware attack that compromised its First seen on securityonline.info Jump to article: securityonline.info/casio-discloses-data-leak-following-ransomware-attack/
-
ADFS”Š”, “ŠLiving in the Legacy of DRS
ADFS”Š”, “ŠLiving in the Legacy of DRS It’s no secret that Microsoft have been trying to move customers away from ADFS for a while. Short of slapping a “deprecated” label on it, every bit of documentation I come across eventually explains why Entra ID should now be used in place of ADFS. And yet”¦ we still encounter…
-
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers.”Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach, who…
-
US government sanctions Chinese cybersecurity company linked to APT group
The US Department of Treasury’s Office of Foreign Assets Control (OFAC) has issued sanctions against a Beijing cybersecurity company for its role in attacks attributed to a Chinese cyberespionage group known as Flax Typhoon.The company, called Integrity Technology Group (Integrity Tech), is accused of providing the computer infrastructure that Flax Typhoon used in its operations…
-
Volkswagen massive data leak caused by a failure to secure AWS credentials
A failure to properly protect access to its AWS environment is one of the root causes of the recent massive Volkswagen data leak, according to a presentation on the incident at the Chaos Computer Club on Dec. 27.But the security analyst who helped expose the leak said the $351 billion car manufacturer violated its own…
-
Volkswagen Breach Exposes Data of 800K EV Customers
Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/volkswagen-breach-exposes-data-of-800k-customers
-
Boffins ponder paltry brain data rate of 10 bits per second
You may not need that high-bandwidth brain-computer interface First seen on theregister.com Jump to article: www.theregister.com/2025/01/01/boffins_peg_brain_data_rate/
-
38C3: Bitlocker über Schwachstellen ausgehebelt (Dez. 2024)
Noch ein kleiner Nachtrag vom Wochenende auf dem 38C3-Kongress des Chaos Computer Clubs hat Thomas Lambertz, ein Sicherheitsexperte, gezeigt, wie sich Microsofts Bitlocker-Verschlüsselung über ein “Downgrade” einer gepatchten Schwachstelle aushebeln lässt. Der Weg, über den Geheimdienste oder Strafverfolger an … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/31/38c3-bitlocker-ueber-schwachstellen-ausgehebelt-dez-2024/
-
Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. “On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to…
-
Elektronische Patientenakte (ePA): Vernichtende Kritik von CCC und Fachleuten
Die elektronische Patientenakte (ePA) steht kurz vor ihrer “Einführung” ab Januar 2025. Der Chaos Computer Club (CCC) fordert auf Grund von Sicherheitslücken ein “Ende der ePA-Experimente am lebenden Bürger”. Fachleute weisen zudem auf die Gefahr einer Stigmatisierung hin, oder bezweifeln … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/28/elektronische-patientenakte-epa-vernichtende-kritik-von-ccc-und-fachleuten/
-
DEF CON 32 Using AI Computer Vision In Your OSINT Data Analysis
Authors/Presenters: Mike Raggo Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/def-con-32-using-ai-computer-vision-in-your-osint-data-analysis/
-
Canvas fingerprinting in the wild
Tags: computerEvery day, your computer renders dozens of these without you even noticing. Strange patterns, colorful shapes, and emojis”, what do you think these are? These are canvas fingerprints, a technique used by the vast majority of websites to fingerprint devices and distinguish humans from bots. What you might not First seen on securityboulevard.com Jump to…
-
Cybersecurity Snapshot: What Looms on Cyberland’s Horizon? Here’s What Tenable Experts Predict for 2025
Tags: access, ai, attack, best-practice, breach, business, cisa, ciso, cloud, computer, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, exploit, flaw, guide, hacker, ibm, incident response, intelligence, lessons-learned, monitoring, office, resilience, risk, service, software, strategy, threat, tool, training, update, vulnerability, vulnerability-management, zero-trustWondering what cybersecurity trends will have the most impact in 2025? Check out six predictions from Tenable experts about cyber issues that should be on your radar screen in the new year, including AI security, data protection, cloud security… and much more! 1 – Data protection will become even more critical as AI usage surges…
-
Quantum Computing Advances in 2024 Put Security In Spotlight
The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready? First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/quantum-computing-advances-2024-security-spotlight
-
Top 10 police technology stories of 2024
Here are Computer Weekly’s top 10 police technology stories of 2024 First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617312/Top-10-police-technology-stories-of-2024
-
Japan Airlines resumes operations after cyberattack delays flights
The company claimed that no customer information was leaked and that it suffered no damage from computer viruses. There was also no impact on flight safety, according to JAL.]]> First seen on therecord.media Jump to article: therecord.media/japan-airlines-resumes-operations-after-cyberattack
-
Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts
A Brazilian citizen has been charged in the United States for allegedly threatening to release data stolen by hacking into a company’s network in March 2020.Junior Barros De Oliveira, 29, of Curitiba, Brazil has been charged with four counts of extortionate threats involving information obtained from protected computers and four counts of threatening communications, the…
-
Brazilian Hacker Arrested Hacking Computers Selling Data
A Brazilian man, Junior Barros De Oliveira, has been charged with multiple counts of cybercrime and extortion for hacking into the computer systems of a Brazilian subsidiary of a New Jersey-based company and attempting to extort millions in Bitcoin. The indictment, unsealed in Newark federal court on December 23, 2024, accuses De Oliveira of accessing…
-
How are you securing your communications in the wake of the Volt Typhoon revelations?
Tags: access, advisory, android, apple, apt, attack, authentication, business, china, cisa, cisco, cloud, communications, computer, control, cyber, cybersecurity, detection, email, endpoint, espionage, exploit, firewall, firmware, government, group, Hardware, infrastructure, Internet, Intruder, microsoft, network, phishing, ransomware, risk, service, software, technology, threat, tool, update, vpn, vulnerability, windows, zero-dayThe FBI recently released information that text messages between Apple and Android texting systems were insecure and that attackers could listen in and access those communications, more fallout from the revelation that a Chinese-affiliated threat actor had breached telecommunications companies.The announcement that the group known as Salt Typhoon had compromised networks of major global telecommunications…
-
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on…
-
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
Tags: access, ai, authentication, best-practice, business, china, cisa, cisco, cloud, computer, control, cyber, cybersecurity, data, data-breach, email, extortion, finance, framework, fraud, google, government, guide, hacker, identity, incident, incident response, infrastructure, intelligence, international, Internet, jobs, korea, kubernetes, law, lessons-learned, linux, login, malicious, microsoft, mobile, monitoring, network, north-korea, office, password, regulation, risk, risk-management, russia, service, software, tactics, technology, threat, tool, updateCheck out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs against cyberattacks. And get the latest on the U.S. cyber incident response framework; the CIS Benchmarks; and local and state governments’ cyber challenges. Dive…
-
Top 10 data and ethics stories of 2024
Here are Computer Weekly’s top 10 data and ethics stories of 2024 First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617246/Top-10-data-and-ethics-stories-of-2024
-
Romanian Netwalker ransomware affiliate sentenced to 20 years in prison
Daniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanian-netwalker-ransomware-affiliate-sentenced-to-20-years-in-prison/
-
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617109/Latest-attempt-to-override-UKs-outdated-hacking-law-stalls
-
Ukrainian sentenced to five years in jail for work on Raccoon Stealer
Ukrainian national Mark Sokolovsky was sentenced Wednesday to five years in federal prison for his role in operating Raccoon Infostealer malware, which infiltrated millions of computers worldwide to steal personal data. According to court documents, Sokolovsky, 28, was integral to operations that allowed the leasing of Raccoon Infostealer for $200 per month, payable via cryptocurrency.…