Security executives are overwhelmingly craving more AI solutions in 2023 to help them battle the growing cybersecurity threat landscape, according to a report by Netrix Global.
Scam Sniffer used blockchain analysis to detect the Pink Drainer hacking group, which it said has now stolen over $3 million from more than 2000 victims, some of which are said to be high-profile individuals such as OpenAI CTO Mira Murati.
In their haste to make money, some new players are picking over the discarded remnants of previous ransomware groups, cobbling together ransomware rather than going through the trouble of coding bespoke crypto-locking software.
According to The Athletic, three class action lawsuits related to the breach were combined into one case. The plaintiffs filed settlement papers in California federal court, the site reported, which they described as an “unopposed motion.”
Researchers found that the Strava heatmap feature opens up the possibility for tracking and de-anonymizing users using publicly available heatmap data combined with specific user metadata.
In addition to the rise in botnet-driven DDoS attacks, Nokia’s Threat Intelligence Report highlighted a doubling in the number of trojans targeting personal banking information on mobile devices, now accounting for 9% of all infections.
The vulnerability, tracked as CVE-2023-27997, is “reachable pre-authentication, on every SSL VPN appliance,” Lexfo Security researcher Charles Fol, who discovered and reported the flaw, said in a tweet over the weekend.
The DOJ unsealed charges filed in 2019 against 43-year-old Alexey Bilyuchenko and 29-year-old Aleksandr Verner, accusing the two of stealing 647,000 BTC from Mt. Gox and using it to underpin illicit cryptocurrency exchange BTC-e from 2011 to 2017.
The group, known as Anonymous Sudan, has claimed credit for the alleged DDoS attacks and made additional threats against the company. Microsoft officials acknowledged the public claims and are working to fully restore services.
By utilizing what the researchers term “AI package hallucinations,” threat actors can create and distribute malicious code packages that developers may inadvertently download and integrate into their legitimate applications and code repositories.