Multiple vulnerabilities have been found in the fingerprint sensors of Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops, which can be exploited to bypass Windows Hello authentication. These vulnerabilities were identified by researchers at Blackwing Intelligence in the sensors from Goodix, Synaptics, and ELAN. The key findings include: Match on Chip Sensors: These sensors, which integrate matching and biometric management functions, do not prevent a malicious sensor from spoofing a legitimate sensor’s communication, falsely claiming an authorized user has authenticat ..read more

The U.S. Securities and Exchange Commission (SEC) has guidelines and rules that relate to how publicly traded companies must handle and disclose data breaches. These rules are primarily focused on ensuring that companies provide timely, accurate, and comprehensive information to investors about risks and incidents that could affect their investment decisions. Key aspects of these rules include: Disclosure Requirements: Publicly traded companies are required to disclose material information that could affect an investor’s decision to buy, sell, or hold the company’s securities. A data breach c ..read more

In a startling revelation, ChatGPT, the advanced AI chatbot developed by OpenAI, has been found to have a significant security vulnerability. The discovery, first reported by renowned security researcher Johann Rehberger and subsequently reproduced by others, highlights a serious flaw in ChatGPT’s recently enhanced capabilities, including its Code Interpreter and file handling features. This article delves into the nature of this vulnerability, its implications, and the broader context of AI and cybersecurity. Good opportunity to raise awareness around prompt injection and data exfilration ..read more

CVE-2023-22515 and CVE-2023-22518 are critical vulnerabilities found in Atlassian Confluence, a widely used team collaboration software. CVE-2023-22515 Description: This vulnerability was discovered in publicly accessible Confluence Data Center and Server instances. Attackers exploited it to create unauthorized Confluence administrator accounts and access Confluence instances. This vulnerability did not affect Atlassian Cloud sites. Severity: It has a critical base score of 9.8 or 10.0, indicating a high level of risk. The vector notation shows that the attack vector is network-based (AV:N ..read more

Google has warned about a method by which hackers could exploit its Calendar service to create a covert Command-and-Control (C2) channel. The technique involves using Google Calendar Events for C2 communications through a Gmail account. The tool, known as Google Calendar RAT (GCR), allows the compromised machine to poll Calendar event descriptions for new commands, execute those commands, and then update the event description with the results. Since the tool operates on legitimate infrastructure, it’s challenging for defenders to detect suspicious activity​. This method is part of a broader tr ..read more

RSA-2048 is a widely used encryption scheme based on the RSA (Rivest–Shamir–Adleman) cryptosystem. The “2048” in RSA-2048 denotes the key size used for the encryption, which is 2048 bits long. RSA is an asymmetric cryptographic algorithm, which means it uses a pair of keys for encryption and decryption – a public key for encryption and a private key for decryption. This system allows for secure communication over an insecure channel, as the public key can be shared openly, but the private key remains secret. The security of RSA-2048 primarily relies on the difficulty of factoring large composi ..read more

It would seem that the global leader in aerospace, Boeing, is the most recent victim of the ransomware gang known as LockBit, which has ties to Russia. On Friday, the gang claimed on its dark web leak site that it had broken into the aerospace business and taken a significant quantity of sensitive data from the company’s computer systems. The organisation declared its breach of the company’s security on Friday. LockBit has threatened to make the data public if Boeing does not comply with their requests by November 2nd, the timeframe for which has been set. “Sensitive data was exfiltrated and r ..read more

In recent weeks, the renowned Lazarus gang, which acts as a cyber threat actor, has been more active than usual, exploiting software vulnerabilities in order to gain control of computers. Even if the vulnerabilities themselves were not novel, what is especially worrisome is the fact that some systems remained susceptible despite the fact that fixes were already available for them. Despite the availability of many updates and warnings from the programme provider, the North Korean hacker organisation known as Lazarus was able to regularly hacked a software vendor by exploiting vulnerabilities in ..read more

The Seiko Group, known for its timekeeping business, suffered a ransomware attack in July 2023 that led to the theft of around 60,000 items of personal data. The attackers, known as the BlackCat ransomware gang, targeted various entities within the Seiko Group, with Seiko Watch Corporation (SWC) being the most adversely affected. The data compromised included names, addresses, phone numbers, and/or email addresses of SWC customers. Additionally, information pertaining to job applicants, current and former employees of SWC, and some business transaction counterparties was also stolen during the ..read more

The Spanish National Police have successfully dismantled a sophisticated cybercriminal organization, resulting in the arrest of 34 individuals. This organization was involved in a multitude of computer scams, ultimately stealing and monetizing the data of over four million people. The police conducted targeted searches across various cities, including Madrid, Malaga, Huelva, Alicante, and Murcia, leading to significant confiscations, including firearms, luxury cars, and cash. The criminals engaged in various fraudulent activities such as email and SMS phishing, impersonating delivery firms and ..read more