Infosecurity News
Vulnerability in Windows Driver Leads to System Crashes
The CVE-2024-6768 flaw in the Windows CLFS.sys driver can lead to BSOD
DARPA Awards $14m to Seven Teams in AI Cyber Challenge
DARPA awards $14 million to seven teams competing to develop AI systems capable of identifying and patching vulnerabilities in open-source software
UN Adopts Controversial Cybercrime Treaty
Many stakeholders said the future UN convention could allow authoritarian countries to stifle political opposition and violate human rights
Microsoft Reveals Iranian US Election Interference Ops
Microsoft claims Iran is ramping up election interference activity in the US, as Trump campaign claims it was hacked
Man in Dock Accused of Breaking Hi-Tech Export Controls
Arthur Petrov is accused of exporting US chips for manufacturers supplying weaponry and equipment to the Russian military
#BHUSA: CISA Encourages Organizations to Adopt a 'Secure by Demand' Strategy
CISA Director Jen Easterly calls on organizations to drive cybersecurity improvements through a 'Secure by Demand' approach
#BHUSA: CoSAI, Combating AI Risks Through Industry Collaboration
Leading AI companies have formed the Coalition for Secure AI (CoSAI) to address the growing cybersecurity risks posed by artificial intelligence
OpenAI Leadership Split Over In-House AI Watermarking Technology
One primary concern is that the tool might turn ChatGPT users away from the product
Threat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration Tools
ReliaQuest found that Rclone, WinSCP and cURL were the top three data exfiltration tools utilized by threat actors over the past year
#BHUSA: CISA Director Confident in US Election Security
CISA Director Jen Easterly expressed strong confidence in the integrity of US election, despite ongoing cybersecurity threats to democratic processes
#BHUSA: Ransomware Drill Targets Healthcare in Operation 911
A ransomware tabletop exercise was conducted against a fictious hospital, aiming to educate attendees of how to fight against such threats
SEC Investigation into Progress MOVEit Hack Ends Without Charges
After months of investigation, the SEC decided not to recommend any enforcement action against software provider Progress regarding the supply chain attack
Phishing Attack Exploits Google, WhatsApp to Steal Data
The LOTS attack uses trusted sites like Google Drawings and WhatsApp to trick users into sharing data
North Korea Kimsuky Launch Phishing Attacks on Universities
Kimsuky was observed phishing university staff to steal valuable research for North Korea
BlackSuit/Royal Ransomware Group Has Demanded $500m
CISA and FBI report claims the BlackSuit ransomware collective has extracted at least $500m from victims
Ethical Hackers Steal and Return $12m to Ronin Network
Hackers stole $12m in virtual currency from Ronin Network, which has previously suffered a massive $620m heist
#BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks
US cybersecurity officials warn that the recent CrowdStrike outage serves as a stark reminder of potential widespread disruptions from cyber-attacks
Ireland's DPC Takes Twitter to Court Over AI User Data Concerns
The Irish data protection watchdog accuses X Corp’s European subsidiary of breaching GDPR with Grok AI training
#BHUSA: New Ransomware Groups Emerge Despite Crackdowns
A surge in new ransomware groups is fueling the cybercrime epidemic as financial incentives outweigh risks for attackers, despite law enforcement efforts
Microsoft 365 Phishing Alert Can Be Hidden with CSS
Microsoft 365's anti-phishing tip can be hidden via CSS, as shown by Certitude's Moody and Ettlinger
