The operators of the SystemBC proxy botnet are hunting for vulnerable commercial virtual private servers (VPS) and maintain an average of 1,500 bots every day that provide a highway for malicious traffic. […]
ChatGPT Deep Research Targeted in Server-Side Data Theft Attack
OpenAI has fixed this zero-click attack method called by researchers ShadowLeak.
The post ChatGPT Deep Research Targeted in Server-Side Data Theft Attack appeared first on SecurityWeek.
SonicWall Urges Password Resets After Cloud Backup Breach Affecting Under 5% of Customers
SonicWall is urging customers to reset credentials after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts.
The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its
The company said it recently detected suspicious activity targeting the cloud backup service for firewalls, and that unknown threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its
Target-rich environment: Why Microsoft 365 has become the biggest risk
Microsoft 365’s dominance and tight integration makes it a massive target in today’s cyber landscape. Its tight integration expands the attack surface and amplifies risk. Learn from Acronis TRU why backup blind spots & lateral movement risks demand stronger defenses. […]
Notepad gets free AI features on Copilot+ PCs with Windows 11
Microsoft is adding free AI-powered text writing capabilities to Notepad for customers with Copilot+ PCs running Windows 11. […]
PyPI invalidates tokens stolen in GhostAction supply chain attack
The Python Software Foundation team has invalidated all PyPI tokens stolen in the GhostAction supply chain attack in early September, confirming that the threat actors didn’t abuse them to publish malware. […]
CountLoader Broadens Russian Ransomware Operations With Multi-Version Malware Loader
Cybersecurity researchers have discovered a new malware loader codenamed CountLoader that has been put to use by Russian ransomware gangs to deliver post-exploitation tools like Cobalt Strike and AdaptixC2, and a remote access trojan known as PureHVNC RAT.
“CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a ransomware affiliate with ties to the LockBit,
“CountLoader is being used either as part of an Initial Access Broker’s (IAB) toolset or by a ransomware affiliate with ties to the LockBit,
Watch Now: Attack Surface Management Summit – All Sessions Available
Videos from SecurityWeek’s Attack Surface Management Virtual Summit are now available to watch on demand.
The post Watch Now: Attack Surface Management Summit – All Sessions Available appeared first on SecurityWeek.
Tiffany Data Breach Impacts Thousands of Customers
The high-end jewelry retailer is informing customers in the United States and Canada that hackers accessed information related to gift cards.
The post Tiffany Data Breach Impacts Thousands of Customers appeared first on SecurityWeek.
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems.
“SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts
“SilentSync is capable of remote command execution, file exfiltration, and screen capturing,” Zscaler ThreatLabz’s Manisha Ramcharan Prajapati and Satyam Singh said. “SilentSync also extracts