cybersecurity threats
-
CISA Highlights Security Flaws in SinoTrack GPS Devices
CISA warns SinoTrack GPS device users about critical vulnerabilities allowing unauthorized access. Affected devices could be remotely controlled, including tracking vehicles and cutting off fuel. Users are urged to change default passwords immediately.
-
New AI Vulnerability Discovered in Microsoft 365 Copilot: ‘EchoLeak’
A new zero-click vulnerability known as ‘EchoLeak’ has been discovered in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction. While Microsoft has patched the flaw, experts advise businesses to enhance their cybersecurity measures to prevent future exploits.
-
Coordinated Cyber Attacks Target Tomcat Manager Interfaces
GreyNoise has warned of a surge in coordinated brute-force attacks targeting Apache Tomcat Manager interfaces, involving 295 unique malicious IP addresses. As attackers seek to exploit these vulnerabilities, experts recommend strengthening security measures to protect against unauthorized access.
-
Former Black Basta Affiliates Adapt Tactics Amid Ongoing Cyber Threats
Former members of the Black Basta ransomware operation have adapted their tactics, leveraging email phishing and Microsoft Teams phishing to gain access to networks. The report highlights the evolution of these cybercriminals even as the Black Basta brand faces challenges.
-
Microsoft Addresses Critical Zero-Day Vulnerability in June Security Update
Microsoft’s June security update addresses 66 vulnerabilities, including a critical zero-day exploit in WebDAV linked to the Stealth Falcon espionage group, posing risks to organizations worldwide.
-
Trump Administration’s New Cybersecurity Executive Order Shifts Focus and Strategies
The Trump administration’s new cybersecurity executive order pivots sharply from past policies, introducing measures that aim to reinforce national security and tackle emerging digital threats while drawing criticism for its political implications and potential efficacy.
-
China-linked Cyber Espionage Group Targets Over 70 Organizations Across Various Sectors
A China-linked cyber espionage group has targeted over 70 organizations across various sectors, including a South Asian government and a European media organization, underlining the broad implications of recent cyber infiltration tactics.
-
EU Launches DNS4EU to Enhance Digital Sovereignty and Security
The European Union has introduced DNS4EU, a privacy-focused DNS resolution service aimed at enhancing digital sovereignty and security across Europe. This new initiative offers a viable alternative to existing non-European DNS providers and emphasizes user privacy and local regulations.
-
OpenAI Bans Accounts Used by Cybercriminals for Malicious AI-Assisted Activities
OpenAI has banned a series of ChatGPT accounts linked to malicious activities by Russian and Chinese cybercriminals, revealing the extent to which threat actors are leveraging AI technology for malware development and social media automation.
-
United Natural Foods Faces Disruptions Following Cyberattack
United Natural Foods (UNFI) has reported disruptions following a cyberattack that forced the company to take some systems offline, impacting customer orders and revealing ongoing cybersecurity vulnerabilities in the food industry.
