Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python […]
This attack has been able to extract the entire projection matrix of OpenAI’s language models for a cost ranging from a few dollars to several thousand, depending on the model’s size and the number of queries.
The LockBit ransomware gang said it was behind an attack on South Africa’s government workers pension fund last month, which has hampered the organization’s operations and disrupted pension payments. The South African Government Pensions Administration Agency (GPAA) manages the money within the Government Employees Pension Fund (GEPF) — the largest pension fund in Africa — […]
Mar 13, 2024NewsroomPhishing Attack / Threat Intelligence A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” […]
The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA) in place to stop the attackers, despite previous warnings about these risks. This is according to a British Library report that sheds new light on the October 2023 attack, which shut down digital services and […]
Mar 09, 2024NewsroomCyber Attack / Threat Intelligence Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. “In recent weeks, we have seen […]
The attack exploited the lack of proper authentication security when linking a new phone key to a Tesla, allowing an attacker to add a new “Phone Key” and gain unauthorized access to the vehicle.
The city of Hamilton, Canada, is recovering from a ransomware attack that has disrupted online government services, forcing residents to use cash transactions and manual methods for payments.
The Duvel Moortgat Brewery in Belgium was hit by a ransomware attack, causing the halt of beer production in their bottling facilities. The company’s IT systems detected the attack, leading to an immediate stop in production.