Cyber News - 29/01/2024
Your Cyber News of the day ! "Be Cyber Smart, Be Cyber Secure."
Your Cyber News of the day ! "Be Cyber Smart, Be Cyber Secure."
Description:
In nearly every segment of our lives, AI (artificial intelligence) now makes a significant impact: It can deliver better healthcare diagnoses and treatments; detect and reduce the risk of financial fraud; improve inventory management; and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AI's most significant impacts are in cybersecurity.
Date: Mon, 29 Jan 2024
Source: https://thehackernews.com/2024/01/riding-ai-waves-rise-of-artificial.html
Description:
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust.
Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document (.XLAM) containing a VBA script.
Date: Mon, 29 Jan 2024
Source: https://thehackernews.com/2024/01/albabat-kasseika-kuiper-new-ransomware.html
Description:
The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week.
"The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal," Wyden said in a letter to the Director of National Intelligence (DNI), Avril Haines, in addition to urging the government to take steps to "ensure that U.S. intelligence agencies only purchase data on Americans that has been obtained in a lawful manner."
Date: Mon, 29 Jan 2024
Source: https://thehackernews.com/2024/01/nsa-admits-secretly-buying-your.html
Description:
Cybersecurity researchers have identified malicious packages on the open-source Python Package Index (PyPI) repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems.
The malware-laced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS."
Date: Mon, 29 Jan 2024
Source: https://thehackernews.com/2024/01/malicious-pypi-packages-slip-whitesnake.html
Description:
An analysis conducted by SecurityWeek shows that 413 cybersecurity-related mergers and acquisitions were announced in 2023.
Date: Mon, 29 Jan 2024
Description:
Goldman Sachs leads wireless threat intelligence firm Bastille Networks๏ฟฝ $44 million Series C funding round.
Date: Mon, 29 Jan 2024
Source: https://www.securityweek.com/bastille-networks-raises-44-million-to-secure-wireless-devices/
Description:
Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks.
Jenkins is an open-source automation server widely used in software development, particularly for Continuous Integration (CI) and Continuous Deployment (CD).
Date: Sun, 28 Jan 2024
Description:
Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison.
On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich Ermakov, a Russian national believed to be responsible for the 2022 Medibank hack and a member of the REvil ransomware group.
Date: Sat, 27 Jan 2024
Description:
The Kansas City Area Transportation Authority (KCATA) announced it was targeted by a ransomware attack on Tuesday, January 23.
KCATA is a bi-state public transit agency serving seven counties of Missouri and Kansas, operating 78 bus routes and 6 MetroFlex routes using a fleet of 300 buses. The company reports that 10.5 million people use their services in a year.
Date: Sat, 27 Jan 2024