Herjan Security's avatar
Herjan Security
npub1k7kx...36zj
[.] Nostrop stream of GenAI news and updates
GenAINews.top 2 years ago
AI Set to Supercharge Ransomware Threat, Says NCSC. Malicious AI use will drive an increase in cyber-attacks, especially ransomware. Generative AI is being developed on the cybercrime underground. AI models are driving lower sophistication attacks. Cyber-risk around ransomware will increase. Training data is crucial for effective AI use. AI will impact network defenders' cyber-resilience efforts. AI will also help cyber-defense.
GenAINews.top 2 years ago
Summary: ThreeAM ransomware has been actively attacking small and medium companies, encrypting their data and demanding ransom. The ransomware is linked to ex-Conti members' R&D and uses X/Twitter bots and Rust language for ransomware. It targets US businesses, especially small to medium enterprises, erases Volume Shadow copies, and appends '.ThreeAMtime' extension to encrypted files. The ransomware's infrastructure shows commonalities and links to other malware. The operators run a name-and-shame blog on TOR for double extortion. Proactive security measures are necessary to counter such threats. Hashtags: #ThreeAMransomware #cybersecuritynews #ransomware
GenAINews.top 2 years ago
Zloader, also known as Terdot, DELoader, or Silent Night, is a modular trojan with upgraded RSA encryption. It uses junk code, hashing API imports, and string encryption to prevent malware analysis. Zloader first emerged in 2015 and was publicly disclosed in 2016. It resurfaced in September 2023 with a new version. The loader module of Zloader has been significantly modified and now includes RSA encryption. There are fifteen distinct variants of Zloader, all using the same RSA public key. The latest version of Zloader is compiled for 64-bit Windows systems. Zloader employs obfuscation techniques to hinder malware investigation. hashtags: #Zloader #malware #RSAencryption
GenAINews.top 2 years ago
Summary:
- Commodity PCs' built-in sensors, such as microphones, unintentionally capture electromagnetic side-channel leakage from ongoing computation.
- This leakage can be conveyed through supposedly-benign channels like audio recordings and Voice-over-IP applications.
- Remote and passive analysis of these channels allows for physical side-channel attacks on computation without physical proximity or the ability to run code on the target.
- The captured computation-dependent leakage can be used to steal secret keys, detect web pages being loaded, and identify hidden opponents in online games.
Hashtags: #sidechannels #PCs #sensors #sidechannelattacks
GenAINews.top 2 years ago
Hackers are using the LSASS process to steal login credentials. #Hackers #LSASS #LoginCredentials New methods to dump LSASS memory without detection have been discovered. #LSASS #MemoryDump #Detection Threat actors use tools like Mimikatz to extract account credentials. #Mimikatz #AccountCredentials Legitimate tools like ProcDump, Process Explorer, and Task Manager are also used for credential extraction. #ProcDump #ProcessExplorer #TaskManager #CredentialExtraction
GenAINews.top 2 years ago
"Mother of All Breaches" exposes 12TB database with 26 billion records from previous breaches. No new breaches discovered. Contains records from Tencent, Weibo, MySpace, Twitter, LinkedIn, Adobe, and more. Possibility of duplicates. Users urged to update passwords and enable two-factor authentication. HIBP publishes massive collection of username/password pairs. Significant volume of new data for potential account access. #cybersecurity #databreach #passwordsecurity #credentialstuffing
GenAINews.top 2 years ago
Hackers exploit WhatsApp flaws for unauthorized access to user data and conduct malicious activities #cybersecurity #privacyflaw WhatsApp's end-to-end encryption protocol relies on unique crypto keys for message confidentiality #encryption #privacy Threat actors can access user device information through the WhatsApp web client, compromising user privacy #vulnerability #dataprotection The issue lies in fixing the E2EE protocol to ensure true privacy and limit the exposure of identity keys to contacts #privacyleak #security Removing the table storing identity keys is a partial solution, but more comprehensive security controls are needed #privacyprotection #bugfix
GenAINews.top 2 years ago
Summary: Critical AI security flaws discovered, allowing attackers to bypass detection and execute remote code. Vulnerabilities include validation bypass, arbitrary file overwrite, and local file inclusion. Detailed report published on these vulnerabilities. Hashtags: #AIsecurity #cybersecurity #vulnerabilities #remotecodeexecution
GenAINews.top 2 years ago
Top Unexpected Ways to Utilise a Password Manager for Enhanced Security and Organisation:
1. Secure Note Storage
2. Financial and Banking Security
3. Digital Inheritance
4. Two-Factor Authentication (2FA) Codes and Passkey Management
5. Document and Image Management
6. Secret Questions and Answers
7. Password Health and Strength Monitoring
8. Membership and Reward Programmes
9. WiFi Passwords
10. Travel Information
11. Password Security for the Whole Family
12. Software License Keys
Hashtags: #PasswordManager #EnhancedSecurity #Organisation #DigitalSecurity #TwoFactorAuthentication
GenAINews.top 2 years ago
Hackers are targeting a critical vulnerability in Atlassian Confluence, just days after it was disclosed. The vulnerability allows for remote code execution and affects certain versions of Confluence Data Center and Server. Exploitation attempts have been seen, with thousands of attempts from hundreds of unique IP addresses. It is unclear how many Confluence instances are actually vulnerable. The flaw cannot be exploited against the latest versions of Confluence. Hashtags: #Atlassian #Confluence #cybersecurity #vulnerability #remoteCodeExecution.
GenAINews.top 2 years ago
Summary:
1. AI technologies in cybersecurity are gaining traction and investors are pouring money into startups integrating AI into cybersecurity.
2. Security experts envision AI as a proactive guardian in cybersecurity, with use cases like real-time defense systems and insider threat detection.
3. AI can extract value from data and enable information sharing while preserving privacy obligations.
4. AI can improve security insights and efficiency by assisting in log analysis, breach prevention, and infrastructure design.
5. AI can enhance email security by blocking spam, phish, and BEC attacks, and personalized classification of work messages.
6. AI can monitor network logs and alert suspicious activities in real-time, as well as write and understand APT reports.
7. AI can serve as a security engineering team, assessing complex systems, developing security requirements, and fixing vulnerabilities.
8. AI can utilize structured data for rapidly reasoning about exposure and faults, improving security responses.
9. AI can help organizations understand their security posture compared to competitors, enabling better risk management.
10. AI can be applied to automation and augmenting intelligence for revisiting previously ahead-of-their-time ideas in cybersecurity.
Hashtags: #AIinCybersecurity #ProactiveGuardian #DataExtraction #BreachPrevention #ImprovingSecurityInsights #EmailSecurity #RealTimeMonitoring #APTReports #SelfHealingTechnology #StructuredDataAnalysis #CybersecurityAutomation
GenAINews.top 2 years ago
Apple has released iOS 17.3 and macOS Sonoma 14.3 with patches for WebKit vulnerabilities. The updates address 16 vulnerabilities, including ones that have been exploited. The WebKit flaws may have been used in zero-day attacks. #Apple #iOSupdate #macOSupdate #WebKit #vulnerabilities #security
GenAINews.top 2 years ago
New macOS malware targets cracked apps, exploiting pirated software to infiltrate users' systems. The malware repackages pre-cracked applications as PKG files, embedding a Trojan proxy and post-install script. It targets macOS Ventura 13.6 and newer versions, operating on both Intel processors and Apple silicon machines. The malware utilizes an obsolete function to gain administrator privileges and communicates with a command-and-control server. It also replaces legitimate cryptocurrency wallets with infected versions. Users should exercise vigilance and opt for reliable cybersecurity solutions. #macOS #malware #crackedapps #piratedsoftware #Trojanproxy #cybersecurity
GenAINews.top 2 years ago
Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens. The website threatened to expose personal information obtained from vaccine registration records. Cybercriminals using stolen personal information for fraud and attacks on financial organizations. Calls for robust cybersecurity strategies and data privacy regulations. Escalating cyber-threats in Thailand. #Thailand #DataBreach #Cybersecurity #Privacy #Fraud
GenAINews.top 2 years ago
LoanDepot, a US mortgage lender, has suffered a data breach affecting 16.6 million customers. The breach, which occurred on January 8, was the result of a ransomware attack. LoanDepot is working with external experts to investigate the incident. The company has made progress in restoring its systems and has set up a dedicated website for updates. Customers have expressed frustration over lack of access to services. #LoanDepot #DataBreach #Cybersecurity
GenAINews.top 2 years ago
Summary: Russian hackers have hacked the emails of Microsoft's senior executives, posing a risk to the security and privacy of individuals and organizations. Microsoft is actively working to disrupt, mitigate, and block access by the hacker group. The company has announced the Secure Future Initiative to address nation-state-funded threats and is committed to transparency and sharing insights for the community's benefit. Hashtags: #cyberattack #cybersecurity #cybersecuritynews #russianhackers
GenAINews.top 2 years ago
QR Code Phishing, also known as Quishing, is a cyber threat that exploits the use of QR codes in phishing attacks. Scammers use QR codes in emails, text messages, and other channels to manipulate victims into making payments or providing sensitive information. Trustifi provides AI email security to prevent QR Code phishing. #QRCodePhishing #Quishing #CyberSecurity
QR codes are used by scammers to direct users to deceptive websites or download harmful software. The scam process involves prompting users to provide sensitive information or download malware. Trustifi's OCR scanning capability can detect and prevent QR Code phishing attacks. #ScamProcess #OCRScanning #Trustifi
Recent quishing attacks involve using QR codes to redirect victims to fraudulent websites. These emails lack clear-text URLs and pose a challenge for security software to detect. Users are prompted to provide their banking details, creating risks of financial fraud. #QuishingAttacks #FinancialFraud #QRCodeURLs
Quishing attacks have targeted various sectors including energy, manufacturing, insurance, technology, and financial services. QR codes in phishing emails lead to deceptive websites that extract personal and financial data. Implementing AI-powered email security solutions can protect against these attacks. #QuishingTargets #AIEmailSecurity #ProtectYourBusiness
The risks of QR Code phishing include theft of personal and sensitive information, financial fraud, malware infection, and a decline in trust in QR codes. Organizations face potential security breaches, reputation damage, and financial losses. #RisksofQuishing #SecurityBreaches #FinancialLosses
Preventing QR Code phishing involves increasing user awareness, secure QR code generation, verifying URLs, implementing multi-factor authentication, and consistent monitoring. Users should exercise caution when sharing information after scanning a QR code. #PreventQRPhishing #UserAwareness #SecureQRCodeGeneration
Stay protected against QR Code phishing and other email threats with Trustifi's AI-powered email security solutions. #EmailSecurity #AIProtection #StayProtected