Security News > 2023 > December
Two British teens who were members of the Lapsus$ gang have been sentenced for their roles in a cyber-crime spree that included compromising Uber, Nvidia, and fintech firm Revolut, and also blackmailing Grand Theft Auto maker Rockstar Games. Arion Kurtaj, 18, of Oxfordshire, was sentenced Thursday to detention at a hospital in the UK for an indefinite amount of time.
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. According to blockchain data on MS Drainer's activity, one of its Ethereum-chain victims lost $24 million worth of cryptocurrency, while other notable cases involve victims losing between $440,000 and $1.2 million.
Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI. Sentenced to life in a 'secure hospital'. Arion Kurtaj, a member of the Lapsus$ cybercrime group, was sentenced indefinitely to a "Secure hospital" by a British judge, according to a BBC report.
Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. "Microsoft has observed the Iranian nation-state actor Peach Sandstorm attempting to deliver a newly developed backdoor named FalseFont to individuals working for organizations in the Defense Industrial Base sector," the company said.
First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. "First American has experienced a cybersecurity incident," the company said in a statement published on a website dedicated to the cyberattack.
First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. "First American has experienced a cybersecurity incident," the company said in a statement published on a website dedicated to the cyberattack.
Generative AI can be used by attackers, but security professionals shouldn't lose sleep over it, according to a Google Cloud threat intelligence analyst. Google Cloud's team recently spoke about the most notable cybersecurity threats of 2023 - multi-faceted extortion and zero-day exploitation - and predicted more zero-day attacks in 2024, during two public, virtual sessions.
Microsoft is deprecating Defender Application Guard for Edge for Business users. Microsoft Defender Application Guard blocks potential threats by opening them in a secure sandbox using hardware-based virtualization.
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the...
OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. According to the researcher who discovered the flaw, the mitigation isn't perfect, so attackers can still exploit it under certain conditions. Security researcher Johann Rehberger discovered a technique to exfiltrate data from ChatGPT and reported it to OpenAI in April 2023.