Tag: technews

Chinese hacker group Earth Longzhi resurfaces with more advanced malware tactics This is not the first time that Earth Longzhi has leveraged the BYOVD technique, and its attacks against organizations in East and Southeast Asia and Ukraine date back to November 2022. According to the company’s research, earth longzhi remains active and continues to improve…

Google Introduces Paswordsless Secure Sign-In with Passkeys for Google Accounts Passkeys, backed by the FIDO Alliance, are a more secure way to sign in to apps and websites without having to use a traditional password. Passkeys are resistant to online attacks like phishing, making them more secure than things like SMS one-time codes. Almost five…

A Data Augmentation Approach for Brain Lesion Segmentation from China In this paper, the authors describe a new approach called CarveMix, which was proposed as a data augmentation technique for brain lesion segmentation. They use a set of 3D annotated images with brain lesions to train a neural network to analyze brain tissue. The goal…

FTC pushes to end Meta’s profiting off children’s data On Wednesday, the FTC announced that it plans to make some changes to how Meta operates. The agency accuses the company of violating child privacy protections under the Children’s Online Privacy Protection Act and COPPA. The violations arose from an independent assessor’s review of Meta’s privacy…

North Korea’s ScarCruft malware group has been observed deploying a new remote access tro The North Korean threat actor ScarCruft started experimenting with oversized LNK files as a delivery route for RokRAT malware in July 2022, the same month that Microsoft began blocking macros across Office documents by default. Other bespoke malware used by the…

Meta security analysts warn of fake ChatGPT apps In the company’s new Q1 security report, Meta admits that there are broad occurrences of fake ChatGPT malware that exists to hack user accounts and take over business pages. It also notes that these malicious bots are following popular trends and engaging people’s attention. For any business…

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulner The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three more vulnerabilities to its Catalog of Exploited Vulnerabilities for Enterprises. The latest addition to the list is a bug in Oracle WebLogic Server version 12.2.1.0 that allows an unauthenticated attacker with network access with network…

Amazon Adds Prime Video Originals to its Free Streaming Service Amazon is adding over 100 original Prime Video titles to Freevee, the company’s free ad-supported streaming option, this year. This includes the first three episodes of shows like The Summer I Turned Pretty and A League of Their Own, as well as the first few…

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in Google blocked 1.43 million bad apps from being published to the Play Store in 2022 by introducing improved security features and app review processes. This included banning 173,000 bad accounts and preventing over $2 billion in fraudulent and abusive transactions. Google also implemented identity…

APT28 Targets Ukrainian Government Entities with Malicious “Windows Update” Emails CERT-UA has warned of cyberattacks conducted by Russian nation-state hackers targeting Ukrainian government entities. The hackers sent phishing emails impersonating system administrators with fake Microsoft Outlook accounts. CERT-UA is recommending organizations restrict users’ ability to run PowerShell scripts and monitor network connections to the Mocky…