How AI is Transforming Businesses

December 1, 2022

While artificial intelligence (AI) is seen as a new phenomenon in mainstream society, it is not a new concept. As AI technologies increase, AI is becoming increasingly important for companies looking to stay competitive. What is AI Artificial intelligence is a broad term for any computer software that engages in human-like activities. This includes learning, planning, and problem-solving. Machine Learning Many different types of artificial intelligence (AI) are used in business today.

Scammers Impersonating Refund Payment Portals

November 30, 2022

The FBI warns about scammers pretending to be refund payment gateways from financial institutions to steal sensitive information from unsuspecting victims. The federal law enforcement agency stated that scammers deceive victims into granting them access to their computers via email or phone calls by posing as representatives of technical or computer repair companies. According to the FBI, scammers typically start by specifying the service to be renewed and include a fee, usually between $300 and $500 USD, causing a sense of urgency for the victims to supply information for a refund.

Twitter’s Data Leak Exposes Over 5.4 Million Users

November 29, 2022

Earlier this year, Twitter confirmed that an API vulnerability had caused a massive data leak containing non-public information for over 5.4 million Twitter users. Twitter denied claims that hackers had leaked the private information priorly. However, Pompompurin, the owner of the hacking forum Breached, stated they were responsible for exploiting the API bug and platforming the data after another hacker shared the vulnerability with them. The stolen data includes public information like Twitter IDs, account names, logins, locations, and verified status.

Phishing-as-a-Service on the Rise with Caffeine

November 28, 2022

Threat actors may now launch their own sophisticated assaults thanks to the emergence of Phishing as a Service (PhaaS) platforms like "Caffeine." Through an open registration procedure, anyone who wishes to launch their phishing campaign can sign up on these platforms. Security experts at Mandiant discovered the first sighting of these threats while investigating a large-scale phishing campaign. The purpose of this campaign was to steal Microsoft 365 credentials.

Vice Society Claims Cincinnati State College Cyberattack

November 26, 2022

Data allegedly stolen from Cincinnati State Technical and Community College has been leaked after Vice Society attacked the campus. Many of the stolen documents were posted on the hackers' websites. These documents date from several years ago until November 24, 2022, suggesting that threat actors still have access to the compromised systems, but this has not been confirmed. The leaked files contain personally identifiable information and can be accessed freely.

Hackers Execute Arbitrary Code with Microsoft Office

November 25, 2022

According to cybersecurity experts at Cisco Talos, Microsoft Office has a high-severity vulnerability that could allow prospective cyber attackers to execute malicious code on the target device remotely. Microsoft announced the issue in a brief blog post, stating that its researcher Marcin 'Icewall' Noga had identified a class attribute double-free vulnerability impacting Microsoft Excel. The victim would give the attacker access to their device by launching a malicious Excel file.

Malicious SEO Campaign Affects Thousands of Sites

November 24, 2022

In a massive malicious SEO campaign, cybercriminals are promoting low-quality Q&A sites by redirecting visitors to fake discussion forums. As a result, almost 15,000 sites have been compromised. In September 2022, researchers at Sucuri discovered the attacks. Each compromised site was found to contain approximately 20,000 files that were utilized in the search engine campaign. Researchers believe that the goal of threat actors is to generate enough indexed pages in order for them to increase their authority in the search engines.

Phishing Kit Targets US Shoppers

November 23, 2022

Security experts at Akamai have discovered a campaign that uses an elaborate phishing kit. This campaign targets Americans using lures centered around holidays like Labor Day and Halloween. The kit combines several methods and employs several evasion detection techniques to prevent non-victims from visiting its phishing pages. One of the most intriguing aspects of the kit is a token-based method that ensures each victim is forwarded to a different URL for a phishing page.

Lenovo Patches Critical Security Flaws

November 22, 2022

Lenovo reports that it has patched two critical security flaws that affected several of its ThinkBook, IdeaPad, and Yoga laptops. Lenovo is also recommending that consumers update their systems immediately. The flaws make it possible for cybercriminals to deactivate the UEFI Secure Boot tool, allowing them to load and run malicious scripts during the system boot process (before the OS is brought up). Most antivirus programs become worthless when malware loads before the OS and makes the malware resistant to OS reinstallations.

DuckDuckGo Releases App Tracking Protection Beta for Android

November 21, 2022

The feature is comparable to Apple's 'App Tracking Transparency. However, unlike Apple, DuckDuckGo's method does not rely on app developers' compliance with user choice. All known trackers are blocked. According to DuckDuckGo, Android users have an average of 35 applications installed on their smartphones, resulting in between 1,000 and 2,000 monitoring attempts every day for over 70 tracking organizations. As users go about their daily lives using their mobile devices for things like online browsing, playing games, and checking the weather, the App Tracking Protection will ostensibly block any tracking attempts in the background.

Contact

Network Revolution

Social Media