Latest Cybersecurity News and Articles


FTC orders Cerebral to restrict how consumer data can be shared

13 May 2024
The Federal Trade Commission (FTC) has ordered Cerebral, Inc. to restrict how the company can use and/or disclose sensitive consumer data.

RSAC: Experts Highlight Novel Cyber Threats and Tactics

13 May 2024
Cybersecurity experts at the RSA Conference highlighted the growing sophistication of cyber threats, including the expanding attack surface, identity-based attacks leveraging AI-generated deepfakes, and the use of generative AI to create malware.

How Did Authorities Identify the Alleged Lockbit Boss?

13 May 2024
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy, saying the charges don't explain how they connected him to Khoroshev. This post examines the activities of Khoroshev's many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.

State Attorneys General Implore Congress Not to Preempt Their Privacy Laws

13 May 2024
Fifteen state attorneys general on Wednesday called on Congress to prevent new federal comprehensive data privacy legislation from preempting 17 states’ existing or recently passed laws protecting consumer privacy.

SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike

13 May 2024
In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives  Analysts

GenAI Enables Cybersecurity Leaders to Hire More Entry-Level Talent

13 May 2024
Around 93% of security leaders said public GenAI was in use across their respective organizations, and 91% reported using GenAI specifically for cybersecurity operations, according to Splunk.

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

13 May 2024
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT

Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia

13 May 2024
The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS

AI-Powered Russian Network Pushes Fake Political News

13 May 2024
Security researchers have discovered a major new Russian disinformation campaign using generative AI (GenAI) to “plagiarize and weaponize” content from major news organizations, in a bid to influence Western voters.

Malicious Go Binary Delivered via Steganography in PyPI

13 May 2024
The malicious package, called "requests-darwin-lite", was a fork of the popular "requests" Python package. The attacker used the cmdclass feature in the setup.py file to customize the package installation process.

Feds, Military Personnel Compete in President’s Cyber Cup Challenge

13 May 2024
Artificially Intelligent — a team of four Army servicemembers and one from the Air Force — won the 2024 President’s Cyber Cup Challenge, a five-year-old competition open to federal government and U.S. military personnel.

Selfie Spoofing Becomes Popular Identity Document Fraud Technique

13 May 2024
Selfie spoofing and document image-of-image fraud have become the most prevalent identity document fraud techniques, with older demographics being targeted at nearly four times the rate, according to Socure.

FIN7 Uses Trusted Brands and Sponsored Google Ads to Distribute MSIX Payloads

13 May 2024
The financially motivated group FIN7 has been observed leveraging malicious Google ads that impersonate legitimate brands to deliver NetSupport RAT, highlighting the ongoing threat of malvertising and the abuse of signed MSIX files by cybercriminals.

Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo

13 May 2024
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project's logo.  The package employing this steganographic trickery is requests-darwin-lite, which has been

National Cyber Security Centre CTO: The tech market isn't working

12 May 2024
Ollie Whitehouse will say in his keynote speech that companies globally know how to build resilient, secure technology, but the market does not incentivise them to do so.

Attack Makes Autonomous Vehicle Tech Ignore Road Signs

11 May 2024
Researchers have developed a technique called "GhostStripe" that can exploit the camera-based computer vision systems of autonomous vehicles, causing them to fail to recognize road signs, making it very risky for Tesla and Baidu Apollo vehicles.

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT

11 May 2024
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall

'The Mask' Espionage Group Resurfaces After 10-Year Hiatus

11 May 2024
An advanced persistent threat (APT) group that has been missing in action for more than a decade has suddenly resurfaced in a cyber-espionage campaign targeting organizations in Latin America and Central Africa.

Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild

10 May 2024
A new Chrome JavaScript security hole is nasty, so don't waste any time patching your systems.

MoD contractor hacked by China failed to report breach for months

10 May 2024
Exclusive: Defence ministry was told in recent days that staff details accessed but sources say SSCL knew in February. The IT company targeted in a Chinese hack that accessed the data of hundreds of thousands of Ministry of Defence staff failed to report the breach for months, the Guardian can reveal. The UK defence secretary, Grant Shapps, told MPs on Tuesday that Shared Services Connected Ltd (SSCL) had been breached by a malign actor and “state involvement” could not be ruled out.