Israel to Expose Identities of Iranian Cyberattack Group at Cybertech Global Tel Aviv
Gaby Portnoy, head of the Israel National Cyber Directorate (INCD), will expose the identities of hackers affiliated with the Iranian cyberattack group known as Black Shadow at the Cybertech Global Tel Aviv conference. The group, operating on behalf of the Iranian Intelligence Ministry, has been responsible for a series of cyber-attacks against Israeli companies and targets. Portnoy will reveal that the group operates undercover in Tehran and has attempted to attack a wide range of sectors in Israel, including academia, tourism, media, finance, transportation, health, government, and technology.
Unpatched Vulnerability in D-Link NAS Devices Exploited in the Wild
An unpatched vulnerability affecting D-Link network-attached storage (NAS) devices has been discovered and is reportedly being exploited in the wild. The vulnerability, identified as CVE-2024-3273, impacts several D-Link NAS models, enabling unauthenticated attackers to execute arbitrary commands on the device. Despite D-Link’s advisory to discontinue using affected devices, exploitation attempts have been observed, highlighting the ongoing threat to D-Link devices and the need for proactive security measures.
Scammers using fake AI services on Facebook to distribute malware
Scammers are using the allure of artificial intelligence features and services to dupe unsuspecting Facebook users into downloading malicious software on their computers. Security firm Bitdefender has uncovered a scheme where scammers hijack Facebook Pages and pose as legitimate AI services, promising early access to experimental AI research and products. Once users follow the Pages, the scammers post AI-generated content and instruct followers to download software, which is actually malware. Bitdefender discovered a popular Facebook Page, Midjourney AI, with 1.2 million followers before it was shut down by Facebook. However, new pages continue to crop up, creating a game of Whac-a-Mole. Users were directed to download software through Google Drive or Dropbox links, and inspecting the Pages would reveal they aren’t associated with the companies they claim to represent.
State Governments’ Role in Boosting K-12 Cybersecurity
State governments play a crucial role in providing assistance to fortify K-12 schools against digital threats. With the evolving landscape of cybersecurity threats, collaboration between federal and state governments is essential to create a comprehensive approach to K-12 cybersecurity.
Urgent Warning for Google Chrome Users on Windows
Google Chrome users on Windows are urged to update their browser immediately due to critical security fixes for CVE-2024-2883 and three high-risk issues. The ‘use after free’ vulnerability could potentially allow attackers to run arbitrary code on users’ PCs. Google aims to deploy the patch within 30 days, emphasizing the urgency of the situation. It is crucial for Windows users to update their browsers to mitigate the risk of exploitation and protect their devices from potential security threats.
Cybersecurity Tech Company Rubrik Plans IPO After Microsoft Support
Rubrik, a cybersecurity tech company supported by Microsoft (NASDAQ:MSFT), is planning to initiate an initial public offering (IPO) as early as next week. Founded in 2014, Rubrik provides innovative cybersecurity solutions such as cloud-based ransomware protection. Some of its major customers include NVIDIA (NASDAQ:NVDA) and Home Depot (NYSE:HD). Microsoft invested in Rubrik in 2021, with the company’s valuation estimated at around $4 billion. According to Bloomberg, Rubrik could aim to raise between $500 million and $700 million from its IPO. Other top IPO contenders such as Stripe and Databricks could possibly wait for another year before stepping into public markets.
New Linux Version of DinodasRAT Identified as V10, Poses Threat to Linux-Based Systems
DinodasRAT, also known as XDealer, is a multi-platform backdoor that targets government entities. A new Linux variant, V10, has been discovered, posing a significant threat to Linux-based systems. The backdoor maintains persistence and evades detection, making it challenging to detect with debugging and monitoring tools.
New Cybercrime Software ‘GEOBOX’ Sold on Telegram Allows Hackers to Convert Raspberry Pi into Anonymous Cyberattack Tools
GEOBOX, a new cybercrime software sold on Telegram, allows inexperienced hackers to convert Raspberry Pi mini-computers into anonymous cyberattack tools. Priced at $80 per month or $700 for a lifetime license, the software enhances anonymity and complicates law enforcement tracking and investigation. Resecurity warns of the potential misuse of such cybercrime software and its impact on cybersecurity.
The Evolution of AI in Cybersecurity Threats
AI is changing the cybersecurity landscape, and businesses need to prioritize cybersecurity as a critical component of their growth strategy. Panelists at Istari Global’s Charter Asia-Pacific Cyber Congress emphasized the need for better coordination and urgency in addressing cybersecurity issues, highlighting the importance of understanding cyber threats and leveraging threat intelligence to gain insights into emerging threats and attackers. With the integration of AI into the threat landscape, proactive cybersecurity measures are essential to safeguard digital assets and operations.
Cisco Completes Acquisition of Splunk, Enhancing Digital Visibility and Insights
Cisco completes acquisition of Splunk, enhancing visibility and insights across digital landscapes. Integration of network capabilities with leading security and observability solutions aims to empower teams to defend critical infrastructure and enhance network experience. Chuck Robbins, CEO of Cisco, excited about potential for revolutionizing how customers harness data. This development signifies a pivotal step in the evolution of Cisco’s offerings, highlighting its commitment to empowering organizations and fortifying their defenses against emerging threats.