Ahead of a discussion in the Oireachtas (Irish parliament) today on a proposed amendment to a bill that would allow the Irish Data Protection Commission (DPC) to label all matters before it as confidential, Rasha Abdul-Rahim, Programme Director at Amnesty Tech, said: “The government’s attempt to allow the Irish Data …
Read More »
Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. The warning comes after Kaspersky published a report detailing a Triangulation malware component used in a campaign it tracks as “Operation Triangulation.” Kaspersky says it found …
Read More »
Refuting the ChatGPT Data Breach OpenAI, the parent company of ChatGPT, has refuted a report by Group-IB that alleges a data breach of the AI software. Group-IB reported that over 100,000 infected devices were housing ChatGPT hacked credentials. However, OpenAI claims that the credential leak was due to “existing commodity …
Read More »
Group-IB, a global cybersecurity leader headquartered in Singapore, has identified 101,134 stealer-infected devices with saved ChatGPT credentials. Group-IB’s Threat Intelligence platform found these compromised credentials within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year. The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023. According …
Read More »
InfoSecBulletin by Associated Press: In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks. Initially …
Read More »
Three hacking groups, Killnet, Anonymous Sudan, and REvil, have threatened to launch a “destructive” attack against the European financial system, starting with the SWIFT international communications system. The attack is expected to take place within the next 48 hours. The groups are reportedly motivated by political reasons, as they are …
Read More »
After months of silence, the notorious cybercrime and hacking forum, BreachForums, has resurfaced under new management. ShinyHunters, a well-known hacking group, has seized control of the revived platform, sending shockwaves through the cybersecurity community and raising concerns among global law enforcement agencies. The announcement of BreachForums’ return came from Baphomet, …
Read More »
Fortinet on Monday warned customers that a recently patched vulnerability, tracked as CVE-2023-27997, could be a zero-day flaw that has been exploited in limited attacks. The vulnerability, which is a critical heap-based buffer overflow in the SSL-VPN module, can allow a remote hacker to execute arbitrary code or commands using …
Read More »
A newly discovered multi-stage Adversary-in-the-Middle (AitM) phishing and BEC attack campaign has been targeting banking and financial organizations. According to Microsoft, the attack originated from a compromised trusted vendor and transitioned to a series of AitM and BEC attacks. During this period, the attackers abused the trusted relationship between vendors, …
Read More »
Several Indian media report that a massive data breach of the CoWIN portal (The central platform for COVID-19 vaccination registration in India) had happened. For this breach media report one billion Indian citizens’ data is at risk. This data leak has also exposed the Aadhaar card, Voter ID, and PAN …
Read More »
InfoSecBulletin Cybersecurity for mankind