Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. The warning comes after Kaspersky published a report detailing a Triangulation malware component used in a campaign it tracks as “Operation Triangulation.” Kaspersky says it found …
Read More »
Cybersecurity solutions company Fortinet has updated its zero-trust access solution FortiNAC to address a critical-severity vulnerability that attackers could leverage to execute code and commands. FortiNAC is a allows organizations to manage network-wide access policies, gain visibility of devices and users, and secure the network against unauthorized access and threats. …
Read More »
Facebook and Instagram users in Canada cannot share news on these two platforms. Meta, the company that owns the two social media, said that the Canadian government is going to stop the news feature due to the new law. In addition to Facebook and Instagram, the new law will also …
Read More »
Millions of software repositories on GitHub are likely vulnerable to an attack called RepoJacking, a new study has revealed. This includes repositories from organizations such as Google, Lyft, and several others, Massachusetts-based cloud-native security firm Aqua said in a Wednesday report. The supply chain vulnerability, also known as dependency repository …
Read More »
Refuting the ChatGPT Data Breach OpenAI, the parent company of ChatGPT, has refuted a report by Group-IB that alleges a data breach of the AI software. Group-IB reported that over 100,000 infected devices were housing ChatGPT hacked credentials. However, OpenAI claims that the credential leak was due to “existing commodity …
Read More »
StrategINK is a team of experienced industry experts who help businesses accelerate their innovation and go-to-market strategies. It’s core offerings include research-based business insights, content-driven marketing solutions, digital transformation consulting and advisory, and learning, enablement, and skill augmentation services. StrategINK helps businesses transform their operations, innovate digitally, accelerate sales, enhance …
Read More »
Group-IB, a global cybersecurity leader headquartered in Singapore, has identified 101,134 stealer-infected devices with saved ChatGPT credentials. Group-IB’s Threat Intelligence platform found these compromised credentials within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year. The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023. According …
Read More »
Group-IB, a global cybersecurity leader headquartered in Singapore, has identified 101,134 stealer-infected devices with saved ChatGPT credentials. Group-IB’s Threat Intelligence platform found these compromised credentials within the logs of info-stealing malware traded on illicit dark web marketplaces over the past year. The number of available logs containing compromised ChatGPT accounts reached a peak of 26,802 in May 2023. According …
Read More »
ASUS has released new firmware for several router models to address security vulnerabilities, including critical ones like CVE-2022-26376 and CVE-2018-1160, which can lead to denial-of-service attacks and code execution. The seven other flaws are as follows – CVE-2022-35401 (CVSS score: 8.1) – An authentication bypass vulnerability that could permit an attacker to send malicious HTTP requests …
Read More »
ESET researchers have identified an updated version of Android GravityRAT spyware being distributed as the messaging apps BingeChat and Chatico. GravityRAT is a remote access tool known to be used since at least 2015 and previously used in targeted attacks against India. Windows, Android, and macOS versions are available, as previously documented …
Read More »
InfoSecBulletin Cybersecurity for mankind