Organizations worldwide are in a race to adopt AI technologies into their cybersecurity programs and tools. A majority (65%) of developers use or plan on using AI in testing efforts in the next three years. There are many security applications that will benefit from generative AI, but is fixing code one of them? For many DevSecOps teams, generative AI represents the holy grail for clearing their increasing vulnerability backlogs.
MOVEit Transfer, the software at the center of the recent massive spree of Clop ransomware breaches, has received an update that fixes a critical-severity SQL injection bug and two other less severe vulnerabilities. SQL injection vulnerabilities allow attackers to craft special queries to gain access to a database or tamper with it by executing code. For these attacks to be possible, the target application must suffer from a lack of appropriate input/output data sanitization. Progress, the developer of MOVEit Transfer, discovered multiple SQL injection problems in their product that include a critical one tracked as CVE-2023-36934, which can be exploited without user authentication.
Two spyware applications posing as file management tools have been discovered on the Google Play Store with a total of at least 1.5 million installs. The apps, attributed to the same developer and discovered by cybersecurity firm Pradeo, exhibit similar malicious behaviors and operate without user interaction. Their main objective is to covertly extract and transmit sensitive user data to malicious servers based in China. The findings were reported to Google. One of the spyware applications falsely claimed on its Google Play Store profile that it does not collect user data.
Robots have no plans to steal the jobs of humans or rebel against their creators, but would like to make the world their playground, nine of the most advanced humanoid robots have told an artificial intelligence summit in Geneva. In what was described as “the world’s first human-robot press conference”, one robot, Sophia, said humanoid robots had the potential to lead with “a greater level of efficiency and effectiveness than human leaders” but that “effective synergy” came when humans and AI worked together. “AI can provide unbiased data while humans can provide the emotional intelligence and creativity to make the best decisions. Together, we can achieve great things,” it said.
A 53-year-old man from Tracy, California, has been charged for allegedly hacking into the systems of a water treatment facility in an attempt to delete critical software. The suspect, Rambler Gallo, has been charged with “transmitting a program, information, code, and command to cause damage to a protected computer”, but this is a case of unauthorized access rather than actual hacking. Gallo worked for a company contracted by the town of Discovery Bay in California to operate its water treatment facility, which serves 15,000 residents.
The rise of vishing (voice or VoIP phishing) has impacted consumers’ trust in unidentified callers. Usually, calls from bank employees or salespeople are common, but what if a fraudster makes the call? According to a report from ThreatFabric, published on 7 July 2023, vishing attacks have become much more sophisticated lately. In a newly detected multi-stage vishing campaign, attackers are using an advanced toolset dubbed LetsCall, featuring strong evasion tactics. LetsCall is targeting users in South Korea, but considering how sophisticated it is, ThreatFabric researchers believe attackers can expand this campaign to European Union countries. What makes it unique is that it is a “ready-to-use framework, which any threat actor could use.”
In a breakthrough against cybercrime, authorities have apprehended a suspected senior member of the notorious cybercriminal organization known as OPERA1ER. The arrest, which occurred in Côte d’Ivoire, a country in West Africa, marks a significant blow to the group’s criminal activities that have targeted financial institutions and mobile banking services across Africa, Asia, and Latin America. The international operation, codenamed Nervone, was conducted in collaboration between INTERPOL, AFRIPOL, Group-IB, and Côte d’Ivoire’s Direction de l’Information et des Traces Technologiques (DITT).
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems. The campaign started in May and relies on a different infection chain than previously observed, with LNK files deploying the payloads instead of the typical malicious Word documents seen in past attacks from the group. Charming Kitten is also known as APT42 or Phosphorus and has launched at least 30 operations in 14 countries since 2015, according to Mandiant.