9 November 2023
2023
TikTok Faces Further Bans in Europe
Akshaya Asokan
https://www.bankinfosecurity.com/tiktok-faces-further-bans-in-europe-a-21540?&web_view=true
Excerpt:
“The French government is the latest to announce a ban on the use of TikTok on government devices, citing data privacy and cybersecurity concerns.”
Europol details ChatGPT’s potential for criminal abuse
https://www.helpnetsecurity.com/2023/03/28/europol-chatgpt-criminal-abuse/?web_view=true
Exceprt:
“With the increased public interest in ChatGPT, the Europol Innovation Lab took the matter seriously and conducted a series of workshops involving subject matter experts from various departments of Europol. These workshops aimed to investigate potential ways in which large language models (LLMs) like ChatGPT can be exploited by criminals and how they can be utilized to aid investigators in their day-to-day tasks.”
Balancing security risks and innovation potential of shadow IT teams
https://www.helpnetsecurity.com/2023/03/28/shadow-it-teams/?web_view=true
Excerpt:
“Shadow IT teams, also known as rogue IT teams, have grown in popularity in recent years due to the rise of cloud-based apps and remote work. However, this has led to operational tension and security risks within many businesses.”
Outlook Zero-Day Needs Quick Patching : Microsoft
https://cyware.com/news/outlook-zero-day-needs-quick-patching-microsoft-412cc77c
Excerpt:
“Earlier this month, Microsoft disclosed that a Russian hacking group Fancy Bear, aka APT28, exploited a zero-day in Microsoft’s flagship email management software, Outlook, between mid-April and December 2022. The company recently shared additional details, and guidance to help customers discover IoCs associated with the vulnerability to minimize the attack surface.”
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
LakshmananData
https://thehackernews.com/2023/03/new-macstealer-macos-malware-steals.html
Excerpt:
“A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices.”
|
Hackers attack Wisconsin court system computer network Excerpt: “A cyberattack began early this week, according to a statement from court officials. Network users may have experienced intermittent service or slower than usual response times from online services, court officials said. Asked when specifically the attack began and if it's still ongoing, courts spokesman Tom Sheehan said in an email that he had no further information.” Nexus: New Feature-Rich Android Banking Trojan https://cyware.com/news/nexus-new-feature-rich-android-banking-trojan-8eac8ace Exceprt: “A relatively new banking trojan, dubbed Nexus, is being promoted as a MaaS subscription on dark web forums. It is said to have a wide range of capabilities required to take over banking and cryptocurrency accounts, and a built-in list of exploits for over 450 banking and financial applications.” MITRE Rolls Out Supply Chain Security Prototype https://www.darkreading.com/risk/mitre-rolls-out-supply-chain-security-prototype?&web_view=true Excerpt: “MITRE has quietly released a cloud-based prototype platform for its new System of Trust (SoT) framework that defines and quantifies risks and cybersecurity concerns for the supply chain.” New Instagram scam uses fake SHEIN gift cards as lure Luis Corrons https://blog.avast.com/shein-instagram-scam?&web_view=true Excerpt: “This social media scam begins with a comment from a random account on a user’s post, which congratulates the victim saying they’re one of the 2023 lucky ones selected to receive a SHEIN gift card.” Pwn2Own Vancouver 2023 Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked Pierluigi Paganini https://securityaffairs.com/143950/hacking/pwn2own-vancouver-2023-day-2.html?web_view=true Excerpt: “On the second day of Pwn2Own Vancouver 2023, the organization awarded $475,000 for 10 unique zero-day vulnerabilities, bringing the total awarded to $850,000! The bug hunters demonstrated zero-day attacks against the Oracle VirtualBox virtualization platform, Microsoft Teams, Tesla Model 3, and the Ubuntu Desktop OS.”
|