Triple Extortion Ransomware and the Cybercrime Supply Chain
2023-08-17 14:00

In recent years, ransomware groups have evolved their tactics to not only encrypt data but also exfiltrate it, making it a double-edged weapon for extortion. The rise of data extortion ransomware has coincided with a dramatic increase in both the number of groups active and the number of attacks against organizations.

7 Ways to Access Safe Mode in Windows 10 (2023 Update)
2023-08-17 13:51

Learn seven different ways to boot a Windows 10 PC in Safe Mode to help troubleshoot issues using this comprehensive guide. Fear not: As with most Windows shortcuts, there are multiple ways to enter Safe Mode in Windows 10.

How to Retrieve and Generate Google 2FA Backup Codes
2023-08-17 12:58

Learn how to retrieve your Google 2FA backup codes and how best to use them. Some services offer 2FA backup codes that can be used instead. Google is one such service.

Man arrested in Northern Ireland police data leak as more incidents come to light
2023-08-17 12:03

A man was arrested in Northern Ireland for suspected Collection of Terrorist Information following an incident where police mistakenly leaked details that identified 10,000 serving officers, but he has now been released on bail. The information was leaked when police posted a spreadsheet online listing the surnames and initials of 10,000 serving officers in the Police Service of Northern Ireland, plus civilian staff members.

Why You Need Continuous Network Monitoring?
2023-08-17 11:18

Changes in the way we work have had significant implications for cybersecurity, not least in network monitoring. From the hardware and software of the network itself, to all the devices used to access it, from IoT endpoints to laptops and smartphones, network security now needs to look beyond the perimeter to your cloud resources, edge devices, third-party hosted content, integrations with other hardware or software, and assets hosted in dispersed offices.

Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)
2023-08-17 11:08

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company fixed in June 2023, is being exploited by attackers. GreyNoise flagged on Tuesday a sudden spike in IP addresses from which exploitation attempts are coming, and the Cybersecurity and Infrastructure Security Agency has added the vulnerability to its Known Exploited Vulnerabilities Catalog.

Detecting “Violations of Social Norms” in Text with AI
2023-08-17 11:07

Researchers are trying to use AI to detect "Social norms violations." Feels a little sketchy right now, but this is the sort of thing that AIs will get better at.

Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
2023-08-17 09:39

The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29. "The threat actor used Zulip - an open-source chat application - for command-and-control, to evade and hide its activities behind legitimate web traffic," Dutch cybersecurity company EclecticIQ said in an analysis last week.

Phishers use QR codes to target companies in various industries
2023-08-17 09:31

A phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. "The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top 4 targeted industries include Manufacturing, Insurance, Technology, and Financial Services seeing 15%, 9%, 7%, and 6% of the campaign traffic respectively," said Nathaniel Raymond, cyber threat intelligence analyst at Cofense.

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
2023-08-17 05:10

The U.S. Cybersecurity and Infrastructure Security Agency has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities catalog, based on evidence of active in-the-wild exploitation. "This vulnerability affects all currently supported versions of customer-managed ShareFile storage zones controller before version 5.11.24," Citrix said in an advisory released in June.