Justice Bureau of Beijing has claimed it has the capacity to unmask the email addresses and phone numbers of senders using Apple’s AirDrop sharing.
The plan for Chinese hackers appears to be a focus on the critical infrastructure that supports military installations, but Wray warns that these groups are also likely to make more general attacks aimed at causing chaos in the lives of US civilians.
US Takes On Volt Typhoon, Chinese Hacking Group That Has Nested in Critical Infrastructure Companies
The FBI and DOJ are on the offensive against a Chinese hacking group thought to have infiltrated US critical infrastructure. Its activity highlights the need for vigilance in keeping an updated inventory of outdated and known vulnerable devices.
The 2024 Allianz survey of top risks set at least one new record for its thirteen-year history: this is the first time that every size of business reported cyber events as their leading concern.
The perpetrator of a recent attack on Microsoft also seems to have been behind a December security breach of Hewlett Packard Enterprise (HPE), the second time it hit the company in the space of a year.
The new MOAB is by far the largest COMB or “combo file” spans some 26 billion records in total and seems to include nearly all of the big data leaks of the past decade and beyond.
Another Security Breach at Microsoft by Russian State Sponsored Hackers; Does Redmond Have a Defense Problem?
While a break-in by a group of Russian state sponsored hackers might initially seem understandable, the Microsoft security breach was eventually traced back to a simple password spray on a legacy test account with some questionable permissions.
Dataset contains some 24 million email addresses that security researchers say were not previously logged by Have I Been Pwned, and many of the leaked credentials are accompanied by plaintext passwords.
Crypto drainers in an “as a service” model burst onto the scene in 2022, but 2023 was the year that they ascended to “major threat” status. Inferno malware is thus far the most successful example in terms of victim count (about 130,000) and stolen assets (about $87 million worth).
AI models rely heavily on huge troves of data to train, and according to NIST that presents a serious challenge for the industry that has no easy solutions. The NIST paper goes into impressive detail about all of the cyber threats that can be anticipated at this point, and should be required reading for AI developers.