VF Corporation, one of the largest apparel companies in the world, reported a cyberattack to the U.S. Securities and Exchange Commission (SEC) on the first day of a new cyber incident reporting rule.

The SEC does not aim to manage security but wants better disclosures. The final rule requires the disclosure of material cybersecurity incidents, but does not require specific technical details to avoid providing a roadmap for future attacks.

The Financial Stability Oversight Council has classified artificial intelligence as an “emerging vulnerability” in the financial system, acknowledging both its potential for innovation and the risks it poses.

Xorbot utilizes encryption and decryption algorithms, borrowed from the Mirai source code, to encrypt communication with its command and control server and store sensitive information.

Microsoft has introduced Windows Protected Print Mode (WPP) to enhance security and eliminate vulnerabilities in the Windows print system. These changes aim to reduce the attack surface and enhance user safety.

The vulnerabilities, CVE-2023-35384 and CVE-2023-36710, allow an attacker to bypass security measures and execute code on a victim’s machine by tricking Outlook into downloading a specially crafted sound file.

A Canadian-Russian man, Mikhail Vasiliev, who is facing extradition to the United States for his alleged involvement in the LockBit ransomware group, is now facing new cybercrime charges in Ontario.

The accessed data included sensitive details such as names, addresses, phone numbers, Social Security numbers, and bank account numbers of individuals associated with mortgage loans serviced by Mr. Cooper.

The malware is being distributed through emails pretending to be from an IRS employee, with recipients unknowingly downloading the QakBot DLL when attempting to view a PDF attachment.