The Akira ransomware group has allegedly claimed the Quik Pawn Shop cyberattack on the dark web, adding yet another victim to their list. The cyberattack on Quik Pawn Shop, which occurred on February 22, 2024, has left Quik Pawn Shop grappling with the aftermath of a data breach. Established in 1978, Quik Pawn Shops has […]
Feb 23, 2024NewsroomSupply Chain Attack / Malware A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected […]
The breach did not compromise payment details, and U-Haul has reset passwords for affected accounts, implemented additional security measures, and offered one-year identity theft protection service to affected customers.
Machine learning and artificial intelligence are popular buzzwords for today’s IT professionals, but in the case of your organization’s data centers, they hold real promise. ML software actively predicts situations faster than you or your team might notice them and maybe even solves them quicker. These systems are a logical extension of today’s hybrid data […]
Feb 23, 2024NewsroomData Privacy / iOS Security Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of […]
Feb 23, 2024NewsroomRed Teaming / Artificial Intelligence Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to “enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances,” […]
Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A customizable, vendor-agnostic tool featuring lists of automation opportunities, it’s been shared and recommended […]
By Dylan Duncan Cofense Intelligence is tracking an advanced campaign that is successfully reaching intended targets in the Oil and Gas industry. The campaign delivers an uncommon, but advanced, Malware-as-a-Service information stealer, the Rhadamanthys Stealer. This new and advanced phishing campaign employs a recently updated Malware-as-a-Service (MaaS) within days of law enforcement’s takedown of LockBit […]
Two Chinese nationals have been found guilty of running a sophisticated fraud scheme in which they attempted to con Apple out of millions of dollars, by sending it thousands of fake iPhones. Haotian Sun (aka Hao Sun, Jack Sun) of Baltimore, Maryland, and Pengfei Xue, 33, of Germantown, Maryland, were convicted of mail fraud and conspiracy […]