actors
-
Blog
Microsoft files suit against threat actors abusing AI services
Microsoft has filed a lawsuit against 10 foreign threat actors, accusing the group of stealing API keys for its Azure OpenAI service and using it to run a hacking as a service operation. According to the complaint, filed in December 2024, Microsoft discovered the customer API keys were being used to generate illicit content in late July that year. After…
Read More » -
Blog
Chinese threat actors breached the US Treasury in ‘major incident’ – here’s what you need to know
Chinese threat actors were able to access highly sensitive information held by the US Treasury Department after compromising a third party service used for remote IT support. On 8 December, cybersecurity firm BeyondTrust warned users it had discovered an API key for its remote support SaaS solution had been compromised. The stolen key could allow threat actors to trigger password…
Read More » -
Blog
Winnti hackers target other threat actors with new Glutton PHP backdoor
The Chinese Winnti hacking group is using a new PHP backdoor named ‘Glutton’ in attacks on organizations in China and the U.S., and also in attacks on other cybercriminals. Chinese security firm QAX’s XLab discovered the new PHP malware in late April 2024, but evidence of its deployment, along with other files, dates back to December 2023. XLab comments that,…
Read More » -
Blog
Cloudflare’s developer domains increasingly abused by threat actors
Cloudflare’s ‘pages.dev’ and ‘workers.dev’ domains, used for deploying web pages and facilitating serverless computing, are being increasingly abused by cybercriminals for phishing and other malicious activities. According to cybersecurity firm Fortra, the abuse of these domains has risen between 100% and 250% compared to 2023. The researchers believe the use of these domains is aimed at improving the legitimacy and effectiveness…
Read More » -
Blog
Threat Actors Are Exploiting Vulnerabilities Faster Than Ever
New research by cybersecurity firm Mandiant provides eyebrow-raising statistics on the exploitation of vulnerabilities by attackers, based on the analysis of 138 different exploited vulnerabilities that were disclosed in 2023. The findings, published on Google Cloud’s blog, reveals that vendors are increasingly being targeted by attackers, who are continually reducing the average time to exploit both zero-day and N-day vulnerabilities.…
Read More » -
Blog
Microsoft logs 600 million identity attacks per day as threat actors collaborate more
Microsoft has said it tracked more than 600 million identity attacks across its 2024 fiscal year, as the firm warns cybercriminals are becoming more collaborative and focused in their attacks. In its Digital Defense Report 2024, Microsoft noted the rise of identity-based cyber attacks as firms migrate to the cloud and stated that Microsoft Entra data showed 7,000 password attacks…
Read More » -
Blog
OpenAI confirms threat actors use ChatGPT to write malware
OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks. The report, which focuses on operations since the beginning of the year, constitutes the first official confirmation that generative mainstream AI tools are used to enhance offensive cyber operations. The first signs of such…
Read More » -
Blog
List of Sonic 3 Cast and Voice Actors
Sonic 3 is closing in on its release date with each passing day. A new trailer for Sonic The Hedgehog 3 was released recently bringing in previously seen characters and some new ones as well. The latest and most remarkable addition to the cast of Sonic 3 is Shadow, who will also be the movie’s main antagonist. So, in this…
Read More » -
Blog
Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns
A new report from cybersecurity company Netskope reveals details about attack campaigns abusing Microsoft Sway and CloudFlare Turnstile and leveraging QR codes to trick users into providing their Microsoft Office credentials to the phishing platform. These campaigns have targeted victims in Asia and North America across multiple segments led by technology, manufacturing, and finance. What is quishing? QR codes are…
Read More » -
Blog
Threat Actors Increasingly Target macOS
Intel471’s new report reveals macOS is increasingly targeted by threat actors, who develop specific malware for the operating system or use cross-platform languages to achieve their goals on macOS computers. More macOS vulnerabilities are also being exploited in the wild. Malware and exploits might be used for both cybercrime and cyberespionage. More malware than ever on macOS Between January 2023…
Read More »