Security News > 2024 > February

Cybercriminals increasingly use open-source intelligence to craft convincing backstories, often by mining social media profiles for details on a target's profession, interests, and routines. Armed with these personal insights, these malicious actors leverage chatbots to compose highly persuasive messages.

The extent of the scam was revealed on Monday in an audit of the ATO's management and oversight of fraud control arrangements for the Goods and Services Tax - Australia's equivalent of a value-added or sales tax. The scam promoted in online ads detailed a means of securing a loan from the ATO - an outright lie, as Australian tax authorities are not notably more generous than others around the world.

This growth's unintended side effect is an ever-expanding attack surface that, coupled with the availability of easily accessible and criminally weaponized generative AI tools, has increased the need for highly secure remote identity verification. "Generative AI has provided a huge boost to threat actors' productivity levels: these tools are relatively low cost, easily accessed, and can be used to create highly convincing synthesized media such as face swaps or other forms of deepfakes that can easily fool the human eye as well as less advanced biometric solutions. This only serves to heighten the need for highly secure remote identity verification," says Andrew Newell, Chief Scientific Officer, iProov.

Initial access brokers are increasingly targeting entities within NATO member states, indicating a persistent and geographically diverse cyberthreat landscape, according to Flare. Flare analyzed hundreds of IAB posts on the Russian-language hacking forums, and discovered recent activity in 21 out of the 31 NATO countries - confirming the extensive reach and consistent potential threat IABs pose to national security and economic stability.

Patch Tuesday: Microsoft fixed 73 security holes in this February's Patch Tuesday, and you better get moving because two of the vulnerabilities are under active attack. First up: CVE-2024-21412, an internet shortcut file security feature bypass vulnerability that earned an 8.1-out-of-10 CVSS severity rating though Redmond only considers it important.

A 20-plus-year-old security vulnerability in the design of DNSSEC could allow a single DNS packet to exhaust the processing capacity of any server offering the system for domain-name resolution, effectively disabling the machine. Yes, a single DNS packet can take out a remote DNSSEC server.

Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. "As of the date of this Report, we believe that the threat actor, who we suspect to be a cybercrime group, accessed Company administrative and user data from certain information technology systems and a small percentage of Company user accounts associated with employees and contractors," Prudential said.

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan. The hacking group was spotted using the zero-day in attacks on New Year's Eve day by Trend Micro security researchers.

Microsoft has released the KB5034763 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes a small number of changes, including the continued rollout of changes to comply with Europe's Digital Markets Act. KB5034763 is a mandatory Windows 10 cumulative update containing the February 2024 Patch Tuesday security updates.

The paperback version of A Hacker's Mind has just been published. This is the real reason I am posting this - Amazon has significantly discounted the hardcover to $15 to get rid of its stock.