The US Department of Health and Human Services (HHS) has issued a warning that hackers are attempting to target the helpdesks of hospitals in order to gain access to critical hospital systems. The hackers have been observed contacting hospital IT help desks using local area code phone numbers and then pretending to be a hospital … Read more
The future of mobile malware is here. For the first time, cybercriminals are infiltrating iOS and Android devices and stealing user face scans. Then, armed with the power of deepfakes and AI, they’re replicating the user’s likeness to break into their bank accounts. Yes, you read that correctly. Today’s technology allows bad actors to spoof … Read more
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that hackers have begun exploiting it in the wild. The vulnerability is tracked as CVE-2023-24955, and carries a severity score of 7.2. It is described as a critical remote code execution … Read more
The Ray framework, an open source tool for AI and Python workload scaling, is vulnerable to half a dozen flaws that allow hackers to hijack the devices and steal sensitive data. This is according to cybersecurity researchers from Oligo, who published their findings on a new hacking campaign they dubbed “ShadowRay”. Apparently active since early … Read more
Security researchers have found a relatively easy and cheap way to clone the keycards used on three million Saflok electronic RFID locks in 13,000 hotels and homes all over the world. The keycard and lock manufacturer, Dormakaba, has been notified, and it is currently working to replace the vulnerable hardware – but it’s a long, … Read more
An unpatchable vulnerability has been discovered in Apple’s M-series chips that allows attackers to extract secret encryption keys from Macs under certain conditions, according to a newly published academic research paper. Named “GoFetch,” the type of cyber attack described involves Data Memory-Dependent Prefetchers (DMPs), which try to predict what data the computer will need next … Read more
If a hacker can monitor the internet traffic between their target and the target’s cloud-based AI assistant, they could easily pick up on the conversation. And if that conversation contained sensitive information – that information would end up in the attackers’ hands, as well. This is according to a new analysis from researchers at the … Read more
Microsoft recently patched a vulnerability in Windows SmartScreen, but not before hackers abused it as a zero-day to drop the DarkGate malware. A report from cybersecurity researchers Trend Micro detailed a new campaign that included phishing emails with malicious PDF files, open redirects via Google DoubleClick Digital Marketing (DDM), and Microsoft installers (.MSI) impersonating legitimate … Read more
For years, Registered Agents Inc.—a secretive company whose business is setting up other businesses—has registered thousands of companies to people who appear to not exist. Multiple former employees tell WIRED that the company routinely incorporates businesses on behalf of its customers using what they claim are fake personas. An investigation found that incorporation paperwork for … Read more
Russian hackers keep trying to infiltrate Microsoft, the company These hacks follow a of last year, in which state-sponsored agents obtained the emails of Microsoft’s senior level managers. An internal investigation led by Microsoft identified the hackers in both instances as a Russian group called Midnight Blizzard. It looks like Midnight Blizzard has gotten bolder … Read more