Security News

Frustration grows over Google's AI Overviews feature, how to disable
2024-05-19 17:43

Since Google enabled its AI-powered search feature, many people have tried and failed to disable the often incorrect AI Overviews feature in regular search results. AI Overviews, also known as "Search Generative Experience," is Google's new search feature that summarizes web content using its in-house LLM. Google says AI overviews appear only when the search engine believes it can provide more value than traditional blue links.

CISA warns of hackers exploiting Chrome, EoL D-Link bugs
2024-05-19 14:17

The U.S. Cybersecurity & Infrastructure Security Agency has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. Two days after disclosing CVE-2024-4761 Google announced that another vulnerability in Chrome's V8 engine has been exploited in the wild, but CISA has yet to add it to the KEV catalog.

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam
2024-05-19 09:46

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell...

Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks
2024-05-19 08:00

How a GRC consultant passed the CISSP exam in six weeksAsk any IT security professional which certification they would consider to be the "Gold standard" in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. BLint: Open-source tool to check the security properties of your executablesBLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations. OWASP dep-scan: Open-source security and risk audit toolOWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide
2024-05-19 07:59

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing...

Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising
2024-05-18 18:23

A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP. WinSCP and Putty are popular Windows utilities, with WinSCP being an SFTP client and FTP client and Putty an SSH client. System administrators commonly have higher privileges on a Windows network, making them valuable targets for threat actors who want to quickly spread through a network, steal data, and gain access to a network's domain controller to deploy ransomware.

An attorney says she saw her library reading habits reflected in mobile ads. That's not supposed to happen
2024-05-18 17:04

Concerns about the privacy of library reading material date back to the early 20th century, explained Dorothea Salo, academic librarian and library-school instructor at the University of Wisconsin-Madison, to The Register. Library privacy became national news in 2005 when George Christian, then executive director of Library Connection, a Connecticut library consortium, received a National Security Letter from the FBI. The Feds, under the US Patriot Act, demanded library patron information without a warrant and imposed a lifetime gag order that forbade disclosure of the NSL. Christian and three colleagues, who became known as the Connecticut Four, refused to comply and a district court eventually found the gag order unconstitutional, prompting the government to drop its demand.

Banking malware Grandoreiro returns after police disruption
2024-05-18 14:12

The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks. In January 2024, an international law enforcement operation involving Brazil, Spain, Interpol, ESET, and Caixa Bank announced the disruption of the malware operation, which had been targeting Spanish-speaking countries since 2017 and caused $120 million in losses.

Android malware Grandoreiro returns after police disruption
2024-05-18 14:12

In January 2024, an international law enforcement operation involving Brazil, Spain, Interpol, ESET, and Caixa Bank announced the disruption of the malware operation, which had been targeting Spanish-speaking countries since 2017 and caused $120 million in losses. IBM X-Force noticed several new features and significant updates in the latest variant of the Grandoreiro banking trojan, making it a more evasive and effective threat.

Gawd, after that week, we wonder what's next for China and the Western world
2024-05-18 12:35

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.