Category: Uncategorized
-
Brazil Data Regulator Bans Meta From Mining Data to Train AI Models Associated Press
Brazil’s national data protection authority has determined that Meta cannot use data originating in the country to train its artificial intelligence. The post Brazil Data Regulator Bans Meta From Mining Data to Train AI Models appeared first on SecurityWeek. Read More
-
300k Affected by Year-Old Data Breach at Florida Community Health Centers Ionut Arghire
Florida Community Health Centers says the information of 300,000 individuals was stolen in a June 2023 ransomware attack. The post 300k Affected by Year-Old Data Breach at Florida Community Health Centers appeared first on SecurityWeek. Read More
-

The Emerging Role of AI in Open-Source Intelligence [email protected] (The Hacker News)
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent…
-
Patelco Credit Union Scrambling to Restore Systems Following Ransomware Attack Ionut Arghire
Patelco Credit Union shuts down banking systems and suspends electronic operations in response to a ransomware attack. The post Patelco Credit Union Scrambling to Restore Systems Following Ransomware Attack appeared first on SecurityWeek. Read More
-
Intel Says No New Mitigations Required for Indirector CPU Attack Eduard Kovacs
Researchers disclosed a new high-precision Branch Target Injection attack method named Indirector, but Intel says no new mitigations are needed. The post Intel Says No New Mitigations Required for Indirector CPU Attack appeared first on SecurityWeek. Read More
-

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool [email protected] (The Hacker News)
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. “MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems,” Fortinet FortiGuardRead…
-
regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely Eduard Kovacs
The critical OpenSSH vulnerability tracked as regreSSHion and CVE-2024-6387 may already be targeted by attackers, but mass exploitation is unlikely. The post regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely appeared first on SecurityWeek. Read More
-

FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks [email protected] (The Hacker News)
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. “FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif,” the company said in a Tuesday analysis. Drive-by…
-

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks [email protected] (The Hacker News)
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, “leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely onRead More
-

South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware [email protected] (The Hacker News)
An unnamed South Korean enterprise resource planning (ERP) vendor’s product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap…
