ThreatsHub.org
In this blog entry, Trend Micro’s Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram. Read More HERE…
Read moreIt could end up like Huawei -Trump’s gonna get ya, get ya, get ya The Feds may ban the sale of TP-Link routers in the US over ongoing national security concerns about Chinese-made devices being used in cyberattacks.… READ MORE HERE…
Read moreTP-Link products have been connected to several high-profile hacking incidents. (Also, they’re made in China.)READ MORE HERE…
Read moreAll it took to make an Google Edge TPU give up model hyperparameters was specific hardware, a novel attack technique … and several days Computer scientists from North Carolina State University have devised a way to copy AI models running on Google Edge Tensor Processing Units (TPUs), as used in Google Pixel phones and third-party machine learning accelerators.… READ MORE HERE…
Read moreOpen-source tools like Grafana Labs and AI-driven AIOps are shaking up incident management, challenging PagerDuty and streamlining IT problem-solving and code fixes. Here’s why it matters.READ MORE HERE…
Read moreNot that you needed another reason to enable the ‘known senders’ setting Criminals are spoofing Google Calendar emails in a financially motivated phishing expedition that has already affected about 300 organizations with more than 4,000 emails sent over four weeks, according to Check Point researchers.… READ MORE HERE…
Read more€251 million? Zuck can find that in his couch cushions, but Meta still vows to appeal It’s been six years since miscreants abused some sloppy Facebook code to steal access tokens belonging to 30 million users, and the slow-turning wheels of Irish justice have finally caught up with a €251 million ($264 million) fine for the social media biz. … READ MORE HERE…
Read more
APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and sophisticated anonymization techniques to target high-profile sectors. Read More HERE…
Read moreBut can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.… READ MORE HERE…
Read moreWith the latest OS versions, you can generate an AirTag link to help airline personnel track down your missing luggage. Apple says privacy safeguards are built in.READ MORE HERE…
Read more