A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach […]
Cyber News
Alert: Hackers From North Korea Are Infiltrating Remote Teams Could One Already Be On Yours? Thought your new remote hire was just a tech genius? One company found out he was secretly working for North Korea—and it didn’t end well. Sounds like a Hollywood plot, but it’s real. A company recently hired a North Korean […]
Cyber Thoughts
The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure […]
Cyber News
Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil […]
Cyber News
The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. “The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture,” CERT-UA said. “These emails contain attachments in the form of Remote Desktop Protocol (‘.rdp’) configuration […]
Cyber News
A giant squid has washed up on a beach in Northern Spain. Blog moderation policy.
Cyber News
Graham CLULEY October 25, 2024 Promo Protect all your devices, without slowing them down. Free 30-day trial A US $10 million reward is being offered to anyone who has information about four members of an Iranian hacking group. The US government’s Rewards for Justice initiative is making the reward available for information about four men […]
Cyber News
Researchers at Google have developed a watermark for LLM-generated text. The basics are pretty obvious: the LLM chooses between tokens partly based on a cryptographic key, and someone with knowledge of the key can detect those choices. What makes this hard is (1) how much text is required for the watermark to work, and (2) […]
Cyber News
A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC) said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. The vulnerability is being tracked as CVE-2024-41992. “This flaw allows an unauthenticated local attacker […]
Cyber News