Events

MiTM phishing attack can let attackers unlock and steal a Tesla
Events

MiTM phishing attack can let attackers unlock and steal a Tesla

The title and content have been clarified to indicate that, while a Flipper Zero was used in this MiTM phishing attempt, other devices might have been used. Researchers gave an example of how to launch a Man-in-the-Middle (MiTM) phishing attack to gain access to Tesla accounts and start the vehicles. The most recent versions of the Tesla OS (11.1 2024.2.7) and app (4.30.6) are vulnerable to the exploit. Security researchers Tommy Mysk and Talal Haj Bakry register a new "Phone key" that may be used to access the Tesla as part of this assault. The researchers informed Tesla of their results, claiming that sufficient identification security is lacking when connecting a car to a new phone read more MiTM phishing attack can let attackers unlock and steal a Tesla. Get up to date on ...
Zero-day vulnerability in MoveIt Transfer under attack
Events

Zero-day vulnerability in MoveIt Transfer under attack

Progress Software's MOVEit Transfer managed file transfer application has a major bug that has been widely exploited in the field to take control of unprotected systems. A serious SQL injection vulnerability that might result in elevated privileges and probable unauthorized access to the environment is the flaw, which has not yet been given a CVE number. The company reported that a SQL injection vulnerability in the MOVEit Transfer online application might give an unauthenticated attacker access to the company's database without authorization read more Zero day vulnerability in MoveIt Transfer under attack. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cybersecurity awareness, and the latest cybersecurity news ...
CISA Warns Against Royal Ransomware in New Advisory
Events, Risk, Security

CISA Warns Against Royal Ransomware in New Advisory

Against the Royal Ransomware organization, the US Cybersecurity and Infrastructure Security Agency (CISA) has released a new alert warning system. The paper, which was made public on Thursday in partnership with the FBI as part of the Agency's #StopRansomware campaign, lists indications of compromise (IOCs) and strategies, methods, and procedures (TTPs) related to Various ransomware variants. Since September 2022, recent hostile behavior by threat actors using a specific malware read more CISA Warns Against Royal Ransomware in New Advisory. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
CISA Shares Advice to Improve Networks Monitoring and Hardening
Events, Risk, Security

CISA Shares Advice to Improve Networks Monitoring and Hardening

The US Cybersecurity and Infrastructure Security Agency has released new guidelines to assist network defenders in strengthening their system monitoring and hardening efforts (CISA). The suggestions are the result of a red team assessment (RTA) CISA that was carried out in 2022 at the request of a sizable critical infrastructure company with numerous geographically dispersed buildings, which must remain unidentified. The team eventually got access to systems close to the organization's sensitive business systems (SBSs) after gaining persistent access to the organization's network read more CISA Shares Advice to Improve Networks Monitoring and Hardening. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the&nbs...
Snap teams up with OpenAI to launch own AI chatbot
Business, Events, Resources

Snap teams up with OpenAI to launch own AI chatbot

Snap plans to launch its own experimental AI chatbot for consumers this week as part of a collaboration using OpenAI's GPT technology. The social media business has announced the launch of its own experimental AI chatbot for its multi-media instant messaging Snapchat program, developed using the most recent version of ChatGPT's large-language model technology. According to the corporate website, Snapchat's blue-haired AI sidekick, dubbed "My AI," will be available solely to Snapchat+ subscribers read more Snap teams up with Ope...
California city of Oakland declares state of emergency over week-long ransomware attack
Events, Reputation, Risk, Security

California city of Oakland declares state of emergency over week-long ransomware attack

Oakland, California has declared a local state of emergency as a result of the negative impacts of a crippling ransomware assault that last week completely shut down most city services. A municipal state of emergency was proclaimed by Oakland, California, government officials on Tuesday night, nearly seven days after a ransomware attack rendered the majority of city services unavailable. The statement was published on the City of Oakland website and was made by interim city administrator G. Harold Duffey. Declaring a local emergency enables the City of Oakland to swiftly acquire supplies and equipment read more California city of Oakland declares state of emergency over week long ransomware attack.
MoneyGram Fraud Victims Get $115m in Compensation
Events, Resources, Risk, Security

MoneyGram Fraud Victims Get $115m in Compensation

According to US officials, tens of thousands of people who were victims of fraud schemes involving the money transfer provider MoneyGram will receive $115 million in compensation. The money that MoneyGram forfeited in 2018 as part of a deferred prosecution deal will be distributed to nearly 40,000 customers (DPA). The FTC and the Department of Justice spearheaded that initiative (DoJ). The FTC settlement from 2012 and a DoJ agreement from three years later, in which MoneyGram committed to crack down on scammers utilizing its service to accept victims' money, were allegedly broken by the money transfer giant. Specifically, MoneyGram had agreed to put in place fraud prevention read more MoneyGram Fraud Victims Get $115m in Compensation. Stay informed and stay ahead of the game w...
Google lost billions after it’s ChatGPT AI rival made a mistake
Events, Reputation, Resources

Google lost billions after it’s ChatGPT AI rival made a mistake

Following the revelation that Alphabet Inc.'s (GOOG) AI chatbot Bard provided false information in a promotional film that was used to showcase its capabilities during a live press conference on Wednesday, the company's shares fell by about 9%. Additionally, the promotional video was published on Twitter at least 48 hours before the event. The video and the error made by ChatGPT's competition, which was initially uncovered by Reuters, have now been viewed by around a million individuals. Bard's online error wasn't enough of a setback for the firm; after the wrong search results were displayed, the hyped-up press conference, "Google: Live from Paris," was unexpectedly cut short, leaving viewers in the dark. For more specific information on Bard as well as other Google AI innovatio...
Researchers Warn of Crypto Scam Apps on Apple App Store
Events, Risk, Security

Researchers Warn of Crypto Scam Apps on Apple App Store

The first "cryptorom" scam applications, according to security experts, have been found that managed to go past Apple's rigorous App Store testing procedures. Ace Pro and MBM BitScan, the two programs in question, were also found on Google Play. Users will be alarmed by their appearance in the App Store, which is often subject to tougher security regulations. According to Sophos, the apps are also resistant to Apple's Lockdown mode, which is intended to shield users from sophisticated social engineering. Malware generally has a difficult time navigating the Apple App Store's security screening procedure. Because of this, when we first started looking into cryptorom schemes aimed against iOS users the con artists would have to convince consumers to first read the complete article ...