Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. […]
New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. « Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection, » Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. « The passphrase needs to be […]
GPT-4 et l’analyse financière : une révolution en marche ?
Une étude récente a révélé que le GPT-4 d’OpenAI pourrait analyser les états financiers et, dans certains cas, prédire les performances futures d’une entreprise mieux qu’un analyste humain.
AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to « nearly all » of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. « Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, […]
DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic Script (VBS) and JavaScript files. […]
Australian Defence Force Private and Husband Charged with Espionage for Russia
Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a « complex » law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. Media reports have identified them as Kira Korolev […]
Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users’ inboxes. The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in version 4.98. « Exim through 4.97.1 misparses a multiline RFC 2231 […]
Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
In today’s digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability. Most people don’t realize their credentials have been compromised until the damage is done. Imagine waking up to drained bank accounts, stolen identities, […]
U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. « The social media bot farm used elements of AI to create fictitious social media profiles — […]
Compromission de la bibliothèque polyfill[.]io (11 juillet 2024)
Résumé Le 25 juin 2024, l’éditeur Sansec indique que des redirections malveillantes sont déployées par la bibliothèque polyfill.js. Cette dernière est employée par plusieurs centaines de milliers de sites à travers le monde et permet à des sites web de supporter des navigateurs obsolètes comme…