The Week in Ransomware – December 22nd 2023 – BlackCat hacked
Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be…
Ransomware Attackers Abuse Multiple Windows CLFS Driver Zero-Days
Attackers were escalating privileges left and right in 2023, thanks to one performance-oriented, security-lacking driver.
Google fixes 8th Chrome zero-day exploited in attacks this year
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, the eighth patched since the…
Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH…
Ransomware Gangs Use PR Charm Offensive to Pressure Victims
Threat actors are fully embracing the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, all in…
Privilege elevation exploits used in over 50% of insider attacks
Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether…
Russian military hackers target NATO fast reaction corps
Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid…
New SLAM attack steals sensitive data from AMD, future Intel CPUs
Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs…
Embrace Generative AI for Security, but Heed Caution
AI could be a net positive for security, with a caveat: It could make security teams dangerously complacent.
Russian hackers exploiting Outlook bug to hijack Exchange accounts
Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka "Fancybear" or "Strontium") actively…