Russia-linked threat group put ChatGPT to work from lure to payload
Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government
46% say age checks are easy to bypass, and nearly a third admit getting around them It’s been months since the UK government began requiring stronger age checks under the Online Safety Act, and recent research suggests those measures are falling short of keeping kids away from harmful content. In some cases, even drawing on a mustache has been reported as enough to fool age detection software.…
Ransomware, malware-as-a-service, infostealers benefit MOIS, too Iranian government-backed snoops are increasingly using cybercrime malware and ransomware infrastructure in their operations - not just hiding behind criminal masks as a cover for destructive cyber activity, according to security researchers.…
And their toolkit includes a new, Linux kernel rootkit A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers.…
The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update infrastructure to gain a foothold in high-value targets by delivering a newly identified backdoor dubbed Chrysalis.…
Group-IB says Tehran-linked crew used hijacked mailbox and VPN to sling phishing emails across Middle East Iran's favorite muddy-footed cyberespionage crew is at it again, this time breaching more than 100 government entities across the Middle East and North Africa, according to researchers at Group-IB.…
‘Universities are being used to proxy offensive government operations, turning research access decisions political’ Censys Inc, vendor of the popular Censys internet-mapping tool, has revealed that state-based actors are trying to abuse its services by hiding behind academic researchers.…
Sites at yourcountry.gov may also not bother with HTTPs Internet traffic to government domains often flows across borders, relies on a worryingly small number of network connections, or does not require encryption, according to new research.…
Snarfing up config files for 'thousands' of devices…just for giggles, we're sure The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.…
Hello loophole could let a rogue admin, or a pwned one, inject new facial scans Black Hat Microsoft is pushing hard for Windows users to shift from using passwords to its Hello biometrics system, but researchers sponsored by the German government have found a critical flaw in its business implementation.…
In effect: 'Ha ha – the government is borked and so are you' Ransomware scumbags - potentially those behind the Fog gang - are channeling their inner Elon Musk with their latest ransom note, spotted by researchers at Trend Micro.…
Here's what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts up for hijacking by criminals who likely have less altruistic intentions than the security researchers who uncovered the backdoors.…
IOCONTROL targets IoT and OT devices from a ton of makers, apparently An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.…
'It's a double-edged sword,' security researchers tell The Reg Feature Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal data ecosystem.…
'Be in no doubt: the UK and others in this room are watching Russia' The government of the United Kingdom on Monday announced the formation of a Laboratory for AI Security Research (LASR) to make the nation more resilient to AI-powered cyber threats from Russia.…
USB sticks help, but it's unclear how tools that suck malware from them are delivered A cyberespionage APT crew named GoldenJackal hacked air-gapped PCs belonging to government and diplomatic entities at least twice using two sets of custom malware, according to researchers from antivirus vendor ESET.…
Researchers were able to glean data from 10,000 meetings held by top Dutch gov officials Cisco squashed some bugs this week that allowed anyone to view WebEx meeting information and join them, potentially opening up security and privacy concerns for highly sensitive meets.…
Boffins, why not simply invent an algorithm that autonomously fixes flaws, thereby ending ransomware forever The US government's Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments.…
Bad configurations, insecure versions of jQuery, and crummy cookies are some of myriad problems Exclusive Five Chinese researchers examined the configurations of nearly 14,000 government websites across the country and found worrying lapses that could lead to malicious attacks, according to a not-yet-peer-reviewed study released last week.…
Plus potential links to I-Soon, researchers say Chinese cyberspies have compromised at least 70 organizations, mostly government entities, and targeted more than 116 victims across the globe, according to security researchers.…