Month: January 2024
Nitrogen shelling malware from hacked sites
Threat actors are using all the tools at their disposal to deliver malware. Malicious ads are only one step in the chain, with compromised sites providing the free hosting and changing capabilities that can evade detection.
Read moreSmarter, Meaner, Sneakier: Security Trends for 2024
Credit to Author: Jon Clay| Date: Wed, 31 Jan 2024 00:00:00 +0000
Learn how hackers are getting smarter, ruder, meaner, and sneakier and what to do about it with this overview of cybersecurity trends in 2024.
Read moreChatGPT accused of breaking data protection rules
An Italian investigation into privacy concerns has given ChatGPT 30 days to defend itself.
Read moreApple and Google Just Patched Their First Zero-Day Flaws of the Year
Credit to Author: Kate O’Flaherty| Date: Wed, 31 Jan 2024 12:00:00 +0000
Plus: Google fixes dozens of Android bugs, Microsoft rolls out nearly 50 patches, Mozilla squashes 15 Firefox flaws, and more.
Read morePawn Storm Uses Brute Force and Stealth Against High-Value Targets
Credit to Author: Feike Hacquebord| Date: Wed, 31 Jan 2024 00:00:00 +0000
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.
Read moreJoin us at InfoSec Jupyterthon 2024
Credit to Author: Microsoft Threat Intelligence| Date: Mon, 29 Jan 2024 18:00:00 +0000
Jupyter notebooks are continuing to grow in popularity in information security as an alternative or supplement to mainstream security operations center (SOC) tools. Notebooks can be used interactively for threat detection and response, or as automated tasks in a larger pipeline. Their flexibility and ability to combine code, data analysis, and visualization in a single, […]
The post Join us at InfoSec Jupyterthon 2024 appeared first on Microsoft Security Blog.
Read moreBest practices in moving to cloud native endpoint management
Credit to Author: Jason Roszak| Date: Mon, 29 Jan 2024 17:00:00 +0000
This blog is the second of three that details our recommendation to adopt cloud native device management. Understand the lessons from various Intune customers in their journeys and how they achieved greater security, cost savings, and readiness for the future through their cloud transformations.
The post Best practices in moving to cloud native endpoint management appeared first on Microsoft Security Blog.
Read moreFla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
Credit to Author: BrianKrebs| Date: Tue, 30 Jan 2024 19:07:18 +0000
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.
Read more