Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good malware does best! We have recently observed attackers leveraging both excessive amounts of unicode as well as peculiar includes and file extensions within their WordPress backdoors to conceal their malware […] more…From Kin to Clippy — the worst Microsoft products not named Windows
Microsoft recently made it official: its misguided, useless and almost comically bad digital assistant Cortana will finally be killed this fall when Windows support for it ends. The impending death of Cortana made me think about the worst products in Microsoft’s history (not including versions of Windows), many of which have their own brand […] more…EU Parliament approves AI Act, moving it closer to becoming law
The European Parliament has approved a draft of the EU’s AI Act, taking a major step toward what could be the first comprehensive set of regulations for AI in the West. However, the legislation did not pass unanimously, with the final vote at 499 in favor, 28 against, and 93 abstentions. While today’s vote marks […] more…Actionable Threat Intel (II) – IoC Stream
Access to RELEVANT threat data is a recurring challenge highlighted by SOCs and CTI teams, at VirusTotal we want to help you understand your unique threat landscape. Indeed, tracking campaigns and threat actors in VirusTotal’s Threat Landscape module should be a smooth and simple experience. We are excited to announce that VirusTotal users can now […] more…BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack
The Cl0p cyber-extortion gang’s hack of the MOVEit file-transfer program popular with enterprises could have widespread global impact. The post BBC, British Airways, Novia Scotia Among First Big-Name Victims in Global Supply-Chain Hack appeared first on SecurityWeek. more…Why Your IP Address is Blocked & How to Fix It
Imagine this scenario: You’re sipping a delightful cup of tea (I’m English) while catching up on the latest news when suddenly – wham! You find yourself blocked by a website, encounter a captcha verification — or perhaps your comment on a news story mysteriously vanishes into thin air. Puzzled, you shoot off an email to […] more…How to Update, Install & Remove WordPress Plugins & Themes With WP-CLI
WordPress, like other open-source content management systems, allows you to enhance your website’s appearance and functionality through custom code and third-party components like plugins and themes. It’s these extensions that allow you to publish content with added functionality for your visitors and facilitate the unique look of your brand. While the developers who build these […] more…Russia Blames US Intelligence for iOS Zero-Click Attacks
Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia’s FSB said iPhones have been targeted by US intelligence. The post Russia Blames US Intelligence for iOS Zero-Click Attacks appeared first on SecurityWeek. more…The metaverse: Not dead yet
The metaverse has been described as the next phase of the internet: interconnected and persistent 3D spaces where we will work, play, and, so it seems, purchase virtual real estate. But metaverse-related technologies have failed to keep up with the considerable hype, the vision of ultrarealistic virtual environments offered by tech vendors miles away from […] more…OpenAI has ‘no plans to leave’ Europe due to regulations, CEO says
Days after OpenAI CEO Sam Altman said the company might have to cease operations in Europe if the EU’s AI Act regulations passed in their current form, he has has seemingly rolled back on his comments. Despite recently telling US lawmakers he was in favor of regulating AI, when speaking to reporters in the UK […] more…OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers
OAuth vulnerabilities found in the widely used Expo application development platform could have been exploited for account takeovers. The post OAuth Vulnerabilities in Widely Used Expo Framework Allowed Account Takeovers appeared first on SecurityWeek. more…Micron to invest $3.6B for Japanese production of DRAM chips
Chipmaker Micron Technologies plans to invest up to 500 billion yen ($3.6 billion) to bring extreme ultraviolet lithography (EUV) to Japan, making them the first company to bring this production method to the country. Extreme ultraviolet lithography (EVU) is used in the most advanced semiconductor device fabrication and Micron plans to use machines powered by […] more…WordPress 6.2.1 Security & Maintenance Release
On May 16, 2023, the WordPress core team released a crucial update — WordPress 6.2.1. This latest security and maintenance release addresses a number of bug fixes and vulnerability patches, including an unauthenticated Directory Traversal vulnerability, unauthenticated Cross-Site Scripting vulnerability, and several other lower-severity vulnerabilities. To mitigate risk, we highly recommend verifying that your WordPress […] more…VT Code Insight: Updates and Q&A on Purpose, Challenges, and Evolution
Following the announcement of VirusTotal Code Insight at the RSA Conference 2023, we’ve been thrilled by the overwhelmingly positive response from the cybersecurity community. As enthusiasm grows, we’ve been flooded with inquiries from those keen to discover more about Code Insight. To address these questions, we’ve put together a Q&A covering popular topics, including news […] more…How remote work is changing American culture
Tech philosophers have been waxing verbose lately about the culture-shifting power of generative artificial intelligence (AI). “Artificial intelligence is transforming the world,” said the Brookings Institute. “Generative AI changes everything,” the Harvard Business Review proclaimed. And that’s true. But the biggest tech-driven culture change at the moment — far bigger than AI — is the […] more…IBM’s watsonx could be a generative AI game-changer
Disclosure: IBM is a client of the author. IBM this week announced watsonx at Think, and it has the potential to be a generative AI standout. That’s important because generative AI has hit the tech industry like a Mack truck and appears to be advancing at an unbelievable rate. Just as quickly, well-founded concerns about […] more…More information
- Boffins receive quantum key from moving plane
- Anti-piracy software developer leaves website open to snoops
- Torrentz Has Died, But It Won’t Take Torrenting With It
- Update: Data Center Firewall maintenance July 11, 5-7 am
- Resolved: ACD/ UCCX Upgrade
- Microsoft Edge CVE-2016-7280 Information Disclosure Vulnerability
- WhatsApp voicemail phishing attack targets nearly 28K organizations
- FTC: Medical lab lost patient info on peer-to-peer network
- Cryptojacking is almost conquered – crushed along with coinhive.com
- Sly malware author hides cryptomining botnet behind ever-shifting proxy service