Welcome to v060 : Dashing through the net, in a cloud-based CMS
December 4, 2024
AI: Microsoft Details ‘Skeleton Key’ AI Jailbreak Technique
| Microsoft has tricked several gen-AI models into providing forbidden information using a jailbreak technique named Skeleton Key. |  |
Attack: Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack
 |
Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread as the victim pool widens. |
Breach: Ticketmaster sends notifications about recent massive data breach
| Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company’s Snowflake database, containing the data of millions of people. |  |
Cyber Savvy AI Antics |
 |
|
Prompt: Create two cybersecurity riddles – but make them about an update causing the microsoft blue screen of death 1. What brings an update meant to protect, but instead leaves your screen in blue regret? 2. What is the software meant to guard, but after an update, leaves your PC scarred? |
News: TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack
| Despite warnings from Health-ISAC and the NCC Group, the remote access software maker says defense-in-depth kept customers’ data safe from Midnight Blizzard. |  |
News: How MFA Failures are Fueling a 500% Surge in Ransomware Losses
 |
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual “State of Ransomware 2024” report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an average payment of $2 million, up from $400,000 in 2023. |
News: Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights
| An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim to steal user credentials and data. |  |
Attack: HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts
 |
HubSpot is “actively investigating and blocking attempts” to hack into customer accounts but some targets have already been compromised. |
News: Microsoft: Windows 11 22H2 reaches end of service in October
| Microsoft reminded customers today that multiple editions of Windows 11, version 22H2, will reach the end of servicing (EOS) in three months, on October 8, 2024. |  |
Incident: Roblox vendor data breach exposes dev conference attendee info
 |
Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. |
News: U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
| The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. |  |
Breach: AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
 |
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to “nearly all” of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. |
Cybercrime: New FishXProxy Phishing Kit Making Phishing Accessible to Script Kiddies
| A new phishing kit, FishXProxy, makes it alarmingly easy for cybercriminals to launch deceptive attacks. Learn how it works and how to protect yourself from these scams |  |
News: Technology and cyber crime: how to keep out the bad guys
 |
Maintaining strict security protocols and monitoring your firm’s digital activity can improve your chances of fending off an attack |
Cybercrime: 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit
| Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that’s basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. |  |
New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
 |
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. |
Vulnerability Vortex
Microsoft’s July Update Patches 143 Flaws, Including Two Actively Exploited
| Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. |  |
New Ransomware Group Exploiting Veeam Backup Software Vulnerability
 |
A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. |
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
| Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. |  |
Chrome 126 Updates Patch High-Severity Vulnerabilities
 |
Chrome 126 security updates released this week resolve high-severity vulnerabilities reported by external researchers. |
Read also
About Us
Developing cybersecurity plans, evaluating and implementing technology, building effective software, and executing strategic initiatives.
Let’s Socialize
Popular Post
Welcome to v059 : It’s Cyber Budget Time
November 12, 2024