Tag: intelligence

Haben die Russen die Wahl in Rumänien manipuliert?

Dec 9, 2024 10:07 AM

Tags: computer, cyberattack, cybercrime, cyersecurity, governance, government, infrastructure, injection, intelligence, Internet, sql, vulnerability
Gen AI use cases rising rapidly for cybersecurity, but concerns remain

Dec 9, 2024 8:07 AM

Tags: ai, attack, automation, awareness, ceo, ciso, compliance, control, cybersecurity, data, detection, finance, framework, fraud, GDPR, governance, grc, group, guide, Hardware, HIPAA, incident response, intelligence, international, malware, middle-east, monitoring, phishing, privacy, RedTeam, regulation, risk, risk-assessment, risk-management, soc, software, strategy, technology, threat, tool, training, usa

Generative AI is being embedded into security tools at a furious pace as CISOs adopt the technology internally to automate manual processes and improve productivity. But research also suggests this surge in gen AI adoption comes with a fair amount of trepidation among cybersecurity professionals, which CISOs must keep in mind when weaving gen AI…
Hackers Use Artificial Intelligence to Create Sophisticated Social Engineering Attacks

Dec 9, 2024 8:07 AM

Tags: ai, attack, cyber, cybercrime, fraud, hacker, intelligence, social-engineering, technology

The Federal Bureau of Investigation (FBI) has issued a warning about a growing trend in cybercrime, hackers leveraging generative artificial intelligence (AI) to develop highly sophisticated social engineering attacks. With advancements in AI technology, cybercriminals are crafting fraud schemes that are more convincing, scalable, and difficult to detect than ever before. Generative AI, a technology…
Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions

Dec 7, 2024 10:07 PM

Tags: ai, attack, crypto, intelligence, pypi, software, supply-chain

In yet another software supply chain attack, it has come to light that two versions of a popular Python artificial intelligence (AI) library named ultralytics were compromised to deliver a cryptocurrency miner.The versions, 8.3.41 and 8.3.42, have since been removed from the Python Package Index (PyPI) repository. A subsequently released version has introduced a security…
Sophisticated Campaign Targets Manufacturing Industry with Lumma Stealer and Amadey Bot

Dec 7, 2024 5:48 AM

Tags: cyberattack, intelligence

Cyble Research and Intelligence Labs (CRIL) has uncovered a multi-stage cyberattack campaign targeting the manufacturing industry. Leveraging advanced techniques and a combination of Lumma Stealer and Amadey Bot, this campaign... First seen on securityonline.info Jump to article: securityonline.info/sophisticated-campaign-targets-manufacturing-industry-with-lumma-stealer-and-amadey-bot/
Romania ‘s election systems hit by 85,000 attacks ahead of presidential vote

Dec 7, 2024 5:48 AM

Tags: access, attack, country, credentials, cyberattack, cybercrime, data-breach, election, hacker, intelligence, russia, service, threat

Romania ‘s election systems suffered over 85,000 attacks, with leaked credentials posted on a Russian hacker forum before the presidential election. Romania ‘s Intelligence Service revealed that over 85,000 cyberattacks targeted the country’s election systems. Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days…
Trump’s AI, Crypto Czar David Sacks Faces Conflict Scrutiny

Dec 6, 2024 10:49 PM

Tags: ai, crypto, finance, intelligence

David Sacks Appointed as Trump’s AI and Crypto Czar Amid Growing Industry Concerns. President-elect Donald Trump’s appointment of former PayPal executive David Sacks to serve as the inaugural White House czar for artificial intelligence and cryptocurrency is already raising significant concerns about potential conflicts of interest and market favoritism. First seen on govinfosecurity.com Jump to…
Thales Leverages Imperva for Data Risk Intelligence

Dec 6, 2024 9:49 PM

Tags: data, intelligence, risk

First seen on scworld.com Jump to article: www.scworld.com/news/thales-leverages-imperva-for-data-risk-intelligence
Weaponized AI: Hot for Fraud, Not for Election Interference

Dec 6, 2024 5:48 PM

Tags: ai, deep-fake, election, fraud, intelligence

FBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use Artificial intelligence: What’s it good for? Per the old song about war, the answer isn’t absolutely nothing, but so far it also isn’t absolutely everything. New findings pinpoint where generative AI and deepfakes are hot – fraud – and where they’re not – election…
Top Five Industries Most Frequently Targeted by Phishing Attacks

Dec 6, 2024 4:52 PM

Tags: attack, cyber, email, intelligence, phishing, phone

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top five industries targeted by subject-customized emails, which often leverage personal information like names, emails, phone numbers, or company names to bypass security measures. Employing redaction techniques to protect sensitive information while providing actionable intelligence to clients ensures that valuable insights are…
Russian Hackers Hijacked Pakistani Actor Servers For C2 Communication

Dec 6, 2024 3:49 PM

Tags: access, blizzard, control, cyber, government, group, hacker, intelligence, malware, network, russia, threat

Secret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows Secret Blizzard to access networks of Afghan government entities and Pakistani operators. They have deployed their own malware, TwoDash and Statuezy, and leveraged Storm-0156’s malware, Waiscot and CrimsonRAT, to gather intelligence on targeted networks, which…
Russischer Geheimdienst: FSB konfisziert Smartphone, gibt es mit Spyware zurück

Dec 6, 2024 3:49 PM

Tags: intelligence, spyware

Der FSB hatte das Gerät im April beschlagnahmt. Nach der Rückgabe war plötzlich eine Spyware mit weitreichenden Zugriffsrechten installiert. First seen on golem.de Jump to article: www.golem.de/news/russischer-geheimdienst-fsb-konfisziert-smartphone-gibt-es-mit-spyware-zurueck-2412-191495.html
FCC calls for urgent cybersecurity overhaul amid Salt Typhoon espionage case

Dec 6, 2024 12:50 PM

Tags: access, at&t, attack, breach, china, cisa, communications, cyber, cyberattack, cyberespionage, cybersecurity, data, defense, espionage, framework, infrastructure, intelligence, law, monitoring, network, phone, risk, risk-management, service, technology, threat, unauthorized, usa, vulnerability

In the wake of the Salt Typhoon cyberespionage campaign allegedly linked to China, Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel has proposed immediate measures to strengthen the cybersecurity of US telecommunications infrastructure.The FCC’s action came a day after top US security agencies briefed senators and the Commission on the scope of Salt Typhoon’s espionage campaign,…
8 biggest cybersecurity threats manufacturers face

Dec 6, 2024 8:48 AM

Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windows

The manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
New Malware Campaign Exposes Gaps in Manufacturing Cybersecurity Defenses

Dec 6, 2024 8:48 AM

Tags: attack, cyberattack, cybersecurity, defense, injection, intelligence, malware

In a recent analysis by Cyble Research and Intelligence Labs (CRIL), a multi-stage cyberattack campaign has been identified, targeting the manufacturing industry. The attack, which heavily relies on process injection techniques, aims to deliver dangerous payloads, includ First seen on thecyberexpress.com Jump to article: thecyberexpress.com/lumma-stealer-amadey-bot-target-manufacturing/
Die besten Hacker-Filme

Dec 6, 2024 5:48 AM

Tags: backdoor, computer, cyber, cybercrime, dark-web, germany, governance, government, hacker, intelligence, Internet, malware, marketplace, usa
Romania’s election systems targeted in over 85,000 cyberattacks

Dec 6, 2024 1:48 AM

Tags: country, cyberattack, election, infrastructure, intelligence, service

A declassified report from Romania’s Intelligence Service says that the country’s election infrastructure was targeted by more than 85,000 cyberattacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/romanias-election-systems-targeted-in-over-85-000-cyberattacks/
Securing cloud-native applications: Why a comprehensive API security strategy is essential

Dec 6, 2024 12:49 AM

Tags: access, ai, api, attack, authentication, automation, best-practice, breach, business, cloud, compliance, control, data, data-breach, ddos, detection, exploit, finance, firewall, gartner, guide, infrastructure, intelligence, malicious, microsoft, monitoring, open-source, programming, risk, risk-management, saas, service, strategy, threat, tool, unauthorized, vulnerability, waf

Despite their capabilities and benefits, cloud-native applications also present several security challenges. Application programming interfaces (APIs) are among the top areas of risk for these applications. This isn’t surprising. As organizations look to enhance connections between digital services and increase data sharing between modern applications and systems, APIs are proliferating rapidly across hybrid and multicloud…
Russian APT Hackers Co-Opt Pakistani Infrastructure

Dec 5, 2024 9:50 PM

Tags: apt, control, espionage, group, hacker, hacking, infrastructure, intelligence, microsoft, network, russia

FSB Hackers Have Hijacked Others’ Command and Control Before. A Russian state hacking group hijacked the command and control infrastructure of a Pakistan-based espionage network as part of an ongoing intelligence-gathering operation targeting victims in Asia, finds a report from Microsoft and Black Lotus Labs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russian-apt-hackers-co-opt-pakistani-infrastructure-a-26982
Romanian elections targeted with cyberattacks by foreign state-sponsored actors

Dec 5, 2024 5:48 PM

Tags: access, attack, breach, computer, country, credentials, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, defense, election, exploit, government, group, infrastructure, injection, intelligence, Internet, monitoring, network, organized, password, risk, russia, service, sql, theft, threat, training, unauthorized, vulnerability

Romania, an EU and NATO member state, faced tens of thousands of intrusion attempts, some successful, that targeted its election IT infrastructure before and during the first round of its presidential elections, according to a report from the country’s main intelligence service. The Romanian Intelligence Service (SRI), which operates the National Cyberint Center tasked with detecting…
Exclusive: Feds are probing 764, The Com’s use of cybercriminal tactics to carry out violent crimes

Dec 5, 2024 4:48 PM

Tags: crime, crimes, cybercrime, group, intelligence, law, social-engineering, tactics, tool

The child sextortion group 764 and the global collective of loosely associated groups known as “The Com” are using tools and techniques normally used for financially motivated cybercrime tactics, such as SIM swapping, IP grabbing and social engineering, to commit violent crimes, according to exclusive law enforcement and intelligence reports reviewed by CyberScoop. […] First…
>>aiocpa<< Python Package Exposed as Cryptocurrency Infostealer

Dec 5, 2024 3:48 PM

Tags: crypto, cybersecurity, data-breach, intelligence, threat

SUMMARY The machine learning-based threat-hunting system of leading threat intelligence and cybersecurity firm ReversingLabs (RL) recently detected malicious… First seen on hackread.com Jump to article: hackread.com/aiocpa-python-package-cryptocurrency-infostealer/
US may plan legislation to contain Chinese cyber espionage

Dec 5, 2024 1:48 PM

Tags: advisory, ai, at&t, breach, ceo, china, cisa, cloud, cyber, cybersecurity, data, defense, espionage, finance, government, hacker, hacking, intelligence, mobile, network, phone, risk, technology, theft, threat, vulnerability

US senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks.The FBI, CISA, and other key agencies, who were part of the briefing, revealed that the sophisticated operation compromised at least eight US telecom firms, stealing metadata and call intercepts, including…
Russia-linked APT Secret Blizzard spotted using infrastructure of other threat actors

Dec 5, 2024 11:49 AM

Tags: apt, blizzard, group, infrastructure, intelligence, microsoft, russia, threat, tool

Russia-linked APT group Secret Blizzard has used the tools and infrastructure of at least 6 other threat actors during the past 7 years. Researchers from Microsoft Threat Intelligence collected evidence that the Russia-linked ATP group Secret Blizzard (aka Turla,Snake,Uroburos,Waterbug,Venomous BearandKRYPTON) has used the tools and infrastructure of at least 6 other threat actors during the…
How the Shadowserver Foundation helps network defenders with free intelligence feeds

Dec 5, 2024 6:48 AM

Tags: ceo, intelligence, Internet, network

In this Help Net Security interview, Piotr Kijewski, CEO of The Shadowserver Foundation, discusses the organization’s mission to enhance internet security by exposing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/05/piotr-kijewski-shadowserver-foundation-secure-internet/
FBI Warns of Generative AI’s Role in Amplifying Fraud Schemes

Dec 5, 2024 5:48 AM

Tags: ai, fraud, intelligence, technology

The Federal Bureau of Investigation (FBI) has issued a public warning about the growing use of generative artificial intelligence (AI) by criminals to enhance their fraud schemes. This technology, capable... First seen on securityonline.info Jump to article: securityonline.info/fbi-warns-of-generative-ais-role-in-amplifying-fraud-schemes/
Experts Warn DHS Surveillance Tech Lacks Privacy Protections

Dec 5, 2024 12:50 AM

Tags: ai, data, intelligence, privacy, risk, tool

Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial Recognition. The U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage. First seen…
FBI shares tips on how to tackle AI-powered fraud schemes

Dec 4, 2024 10:48 PM

Tags: ai, fraud, intelligence, jobs, scam

The FBI warns that scammers are increasingly using artificial intelligence to improve the quality and effectiveness of their online fraud schemes, ranging from romance and investment scams to job hiring schemes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-shares-tips-on-how-to-tackle-ai-powered-fraud-schemes/
Data Risk Intelligence: Sichtbarkeit von Datenrisiken und proaktive Risikominderung neu definieren

Dec 4, 2024 8:48 AM

Tags: cio, ciso, data, intelligence, risk

Data Risk Intelligence kombiniert positions- und verhaltensbasierte Datenrisikoindikatoren, um Risiken für sensible Daten proaktiv zu erkennen und zu mindern. Erste Lösung, die die Datensicherheitsfunktionen der Imperva Data Security Fabric und der Thales CipherTrust Data Security Platform vereint, um CIOs, CISOs und Datenrisikospezialisten eine äußerst zuverlässige Risikobewertung von Daten zu bieten. Thales kündigt die… First seen…
BlackBerry Highlights Rising Software Supply Chain Risks in Malaysia

Dec 4, 2024 5:49 AM

Tags: access, ai, attack, breach, ceo, ciso, communications, compliance, cyber, cyberattack, cybersecurity, data, detection, espionage, finance, framework, government, infrastructure, intelligence, international, Internet, iot, malware, mobile, monitoring, phishing, ransomware, regulation, resilience, risk, skills, software, strategy, supply-chain, threat, tool, training, vulnerability

In 2024, BlackBerry unveiled new proprietary research, underscoring the vulnerability of software supply chains in Malaysia and around the world.According to the study, 79% of Malaysian organizations reported cyberattacks or vulnerabilities in their software supply chains during the past 12 months, slightly exceeding the global average of 76%. Alarmingly, 81% of respondents revealed they had…