Megaupload duo will go to prison at last, but Kim Dotcom fights on…
Credit to Author: Paul Ducklin| Date: Mon, 19 Jun 2023 16:59:00 +0000
One, sadly, has died, and two are heading to prison, but for Kim Dotcom, the saga goes on…
Read moreMonth: June 2023
Recent Teams, Office outages were caused by cyberattacks: Microsoft
Microsoft has confirmed that recent outages to its popular services, including Outlook, Teams, OneDrive, and cloud computing platform Azure, were caused by a DDoS attack by a threat actor that the company tracks as Storm-1359.
Also known as Anonymous Sudan, Storm-1359 was first detected in January, targeting organizations and government agencies with DDoS attacks and efforts to exfiltrate data. The threat actor was initially assumed to be a “hacktivist” group protesting a controversial outfit at the Melbourne Fashion Week but has since been linked to the Russian state, according to several media reports.
Apple beefs up enterprise identity, device management
Last week at WWDC, Apple introduced new capabilities related to Managed Apple IDs and to user identity overall.
Managed Apple IDs have been around for some time. They handle many of the same tasks as personal Apple IDs, but are owned by an organization rather than the end user and are typically created alongside a user’s enterprise identity through federated authentication with a company’s identity provider.
Managed IDs allow a user to activate and use an Apple device — whether company owned or personal BYOD— and create a business profile on employee devices. Additionally, they provide Apple services including some core iCloud functionality such as backing up the work-related content on the device and syncing app data from Mail, Calendar, Contacts, and Notes. They also allow IT to manage what resources and devices a user can access, reset passwords, and help with Apple device management.
Humans Aren’t Mentally Ready for an AI-Saturated ‘Post-Truth World’
.jpg)
Credit to Author: Thor Benson| Date: Sun, 18 Jun 2023 11:00:00 +0000
The AI era promises a flood of disinformation, deepfakes, and hallucinated “facts.” Psychologists are only beginning to grapple with the implications.
Read moreA Newly Named Group of GRU Hackers is Wreaking Havoc in Ukraine
Credit to Author: Andy Greenberg, Andrew Couts| Date: Sat, 17 Jun 2023 13:00:00 +0000
Plus: The arrest of an alleged Lockbit ransomware hacker, the wild tale of a problematic FBI informant, and one of North Korea’s biggest crypto heists.
Read moreClop Hacking Rampage Hits US Agencies and Exposes Data of Millions
Credit to Author: Lily Hay Newman| Date: Fri, 16 Jun 2023 21:25:48 +0000
The ransomware gang Clop exploited a vulnerability in a file transfer service. The flaw is now patched, but the damage is still coming into focus.
Read moreMOVEit discloses THIRD critical vulnerability
Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: Moveit Tags: CVE-2023-34362 Tags: CVE-2023-35036 Tags: Cl0p Progress has released an advisory about yet another MOVEit Transfer vulnerability while new victims of the first one keep emerging. |
The post MOVEit discloses THIRD critical vulnerability appeared first on Malwarebytes Labs.
Read moreFake security researchers push malware files on GitHub
Categories: News Tags: GitHub Tags: malware Tags: repository Tags: security researcher Tags: fake Tags: download Tags: scam Tags: twitter Tags: social We take a look at reports of fake security researchers offering up malware downloads via GitHub repositories. |
The post Fake security researchers push malware files on GitHub appeared first on Malwarebytes Labs.
Read moreUpdate 2: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, and CVE-2023-35708
Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000
Users of the file-transfer package should apply patches immediately and check for indications of possible compromise
Read moreJune's Patch Tuesday updates focus on Windows, Office
Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.
For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.