OpenAI blocks state-sponsored hackers from using ChatGPT
OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its…
Ubuntu ‘command-not-found’ tool can be abused to spread malware
A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious…
MGM & Caesars Cyberattacks: Lessons Learned
By Tim Callan, Chief Experience Officer, Sectigo In the aftermath of the MGM and Caesars cyberattacks, many IT professionals are…
Patch Now: Critical TeamCity Bug Allows for Server Takeovers
Cyberattackers can exploit a vulnerability in JetBrain's continuous integration and delivery (CI/CD) server (a popular APT target) to gain administrative…
Ukraine Military Targeted With Russian APT PowerShell Attack
The attack, associated with Shuckworm, employs TTPs observed in prior campaigns against the Ukrainian military, predominantly using PowerShell.
More Ivanti VPN Zero-Days Fuel Attack Frenzy as Patches Finally Roll
Both China-backed APTs and ordinary cyberattackers have seized on a pair of Ivanti VPN bugs for global exploitation.
North Korea–Russia Summit
A new alliance in cyberspace? By Stan Vitek, Resident Geopolitical Analyst, Cyfirma Introduction Last month, North Korean leader Kim Jong…
Microsoft: Iran’s Mint Sandstorm APT Blasts Educators, Researchers
The Charming Kitten-related cyber-espionage group is posing as legitimate journalists and researchers to get intel on the Israel-Hamas war.
Ivanti Connect Secure zero-days exploited to deploy custom malware
Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple…
Ivanti warns critical EPM bug lets hackers hijack enrolled devices
Ivanti fixed a critical remote code execution (RCE) vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers hijack…