The text-to-dense representation techniques vary, evolving from character bi-grams to advanced subword vectorizers, combating OOV challenges like adversarial attacks and typos.  As the strategies include subword-level tokenization and decomposing unknown words into n-grams for effective neural network training. Researchers at Google recently developed and unveiled a new resilient and … [Read more...]

In the ever-evolving realm of cybersecurity, Promon, a trailblazer in mobile security solutions, has brought to light a novel adversary—FjordPhantom.  This Android malware employs avant-garde techniques, notably virtualization, to elude detection and pilfer sensitive user information. FjordPhantom strategically zeroes in on users within the Southeast Asian enclave, casting its digital … [Read more...]

Hackers use Remote Access Trojans (RATs) to gain unauthorized access and control over a victim’s computer remotely.  RATs allow threat actors to execute the following malicious actions while remaining hidden from the victim:- Stealing sensitive information Monitoring activities Deploying additional malware Recently, cybersecurity researchers at Cisco Talos discovered a … [Read more...]

Black Basta, the fourth-most active ransomware strain with more than 329 victims, has reportedly made over $100 million in ransom payments. This ransomware has also been discovered to resemble the Conti ransomware group, which stopped its operations by May 2022. A group known as Black Basta has been found to engage in double-extortion tactics, whereby they not only demand a ransom from their … [Read more...]

Notepad++ has been discovered with an uncontrolled search path vulnerability, which could allow threat actors to search an untrusted search path. This vulnerability has been disclosed to Notepad++, and a patch has yet to be provided. Notepad++ is a simple text editor for Windows with many more capabilities and can be used to open or edit code files written in other programming languages. … [Read more...]

WhatsApp has announced the rollout of a new feature to safeguard sensitive conversations. The Secret Code feature provides additional protection to ensure users’ private conversations remain secure and protected from unauthorized access. WhatsApp has recently introduced an extra layer of protection to safeguard your chats. As per their announcement, this new feature will make it more … [Read more...]

In a resounding triumph for justice, U.S. District Judge Kathryn Kimball Mizelle has sentenced Vitalii Chychasov, a 37-year-old Ukrainian citizen, to an eight-year federal prison term.  Chychasov played a pivotal role in orchestrating the notorious SSNDOB Marketplace, a clandestine platform thriving in the shadows of the dark web, specializing in the illicit trade of sensitive personal … [Read more...]

Hackers are plotting to benefit from the generosity of Halloween, Thanksgiving, and Christmas shoppers using carding attacks as we gear up for the holiday season shopping.  Online companies selling products or services are struggling with the growing issue of carding. Juniper Research predicts retailers could lose $130 billion to card-not-present (CNP) fraud by 2023. To ensure a secure … [Read more...]

The LLMs (Large Language Models) are evolving rapidly with continuous advancements in their research and applications.However, this progress also attracts threat actors who actively exploit LLMs for various malicious activities like:Recently, cybersecurity researchers at Google discovered how threat actors can exploit ChatGPT queries to collect personal data. Document … [Read more...]

In the dynamic realm of mobile application security, cybercriminals employ ever more sophisticated forms of malware, with code obfuscation standing out as a deceptive technique.  This method intentionally distorts code elements, rendering them inscrutable to the untrained eye, impeding analysis and complicating the decompilation process. Symantec’s recent investigation unravels a … [Read more...]

A recent campaign has been observed to be delivering DJvu ransomware through a loader that pretends to be freeware or cracked software. This ransomware has been previously reported to provide a .xaro extension to infected files, and threat actors demand a ransom for decrypting those files. The main goals of this ransomware are data exfiltration, stealing information, and ransom demand. This … [Read more...]

In a pivotal update to the Okta security incident divulged in October 2023, Okta Security has unearthed additional intricacies surrounding the unauthorized intrusion into its customer support system.  This revelation holds profound implications for the security of Okta’s clientele, particularly those immersed in the Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) … [Read more...]

We’re currently living in an age where digital threats loom large. Among these, ransomware has emerged as a formidable adversary, disrupting businesses and individuals alike. This malicious software, designed to encrypt data and demand payment for its release, poses significant challenges in terms of security and data integrity. Understanding and implementing a proactive ransomware protection … [Read more...]

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ to disseminate the Golang-based botnet GoTitan and the.NET application “PrCtrl Rat,” which has the ability to be remotely controlled. Any Operating System using Apache Active MQ versions earlier than 5.15.16, 5.16.7, 5.17.6, and 5.18.3 was susceptible to this … [Read more...]

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears mount over their potential for creating mutating malware, fueling a craze in the cybercriminal underground. Concerns arise over the dual-use nature of LLMs, with tools like WormGPT raising alarms.  The shutdown of WormGPT adds uncertainty, leaving questions about how threat actors view and … [Read more...]

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore the security of the LLM model. This model is utilized by chat assistants such as ChatGPT. This scanner, which is called ‘Vigil’, is specifically designed to analyze the LLM model and assess its security vulnerabilities. By using Vigil, developers can ensure that their chat assistants are safe and … [Read more...]

One of Slovenia’s major power providers, HSE, has recently fallen victim to a significant cyberattack. The security and control system, along with the fire alarms, were breached by the criminal who caused significant damage. It has been reported that the attack was carried out by the Ransomware gang, which resulted in the encryption of files and rendered them inaccessible to the rightful … [Read more...]

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered a malevolent symphony echoing the tactics employed by the infamous Genesis Market.  Trend Micro Managed XDR, or Extended Detection and Response, is a comprehensive cybersecurity solution provided by Trend Micro, a global leader in cybersecurity solutions. This nefarious threat actor has … [Read more...]

BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 – A severe design flaw in Google Workspace’s domain-wide delegation feature discovered by threat hunting experts from Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalation and unauthorized access to Workspace APIs without Super Admin privileges. This kind of attack might compromise all of the … [Read more...]

SysJoker malware was initially discovered to be used by the APT group dubbed “WildCard” and targeted Israel’s educational sector. However, the operations of this APT threat actor have expanded to include additional malware variants, with one of them found to be written in Rust programming language.  This new rust malware has been coined “Rustdown” by the malware developers. In addition to … [Read more...]