Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers “briefly” obtained limited access to its internal systems. The incident resulted in the theft of a limited amount of personal information of some of its employees and “certain records.” […]
Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft’s cloud-based Exchange email platform in May. […]
Microsoft’s new AI image generation Paint tool powered by OpenAI’s DALL-E text-to-image model is now rolling out to Windows Insiders in Dev and Canary channels. […]
A “multi-year” Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future’s Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to “Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,
A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,
Google is notifying Gmail users that the webmail’s Basic HTML view will be deprecated in January 2024, and users will require modern browsers to continue using the service. […]
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. “Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface,” Securonix […]
Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That’s on the one hand. On the other end of this fencing match: risk. From IP leakage and data privacy risks […]
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. “The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users,” Volexity security researchers Callum Roxan, Paul
Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire fraud and money laundering through business email compromise (BEC). […]