Lucene search
K

45 matches found

Packet Storm News
Packet Storm News
added 2026/03/30 12:0 a.m.10 views

Safeguarding LLMs against Misuse and AI-Driven Malware Using Steganographic Canaries

AI-powered malware increasingly exploits cloud-hosted generative-AI services and large language models LLMs as analysis engines for reconnaissance and code generation. Simultaneously, enterprise uploads expose sensitive documents to third-party AI vendors. Both threats converge at the AI service...

6AI score
Exploits0
Talos Blog
Talos Blog
added 2025/09/08 10:0 a.m.10 views

Stopping ransomware before it starts: Lessons from Cisco Talos Incident Response

Over the past two and a half years January 2023 through June 2025, Cisco Talos Incident Response Talos IR has responded to numerous engagements that we classified as pre-ransomware incidents. Talos looked back to analyze what key security measures were credited with deterring ransomware deploymen...

8.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/07 7:1 a.m.8 views

A week in security (June 30 – July 6)

Last week on Malwarebytes Labs: Drug cartel hacked cameras and phones to spy on FBI and identify witnesses Catwatchful "child monitoring" app exposes victims’ data Microsoft, PayPal, DocuSign, and Geek Squad faked in callback phishing scams Qantas: Breach affects 6 million people, "significant"...

7.2AI score
Exploits0
Akamai Blog
Akamai Blog
added 2024/11/18 2:0 p.m.10 views

Five Ways to Prevent and Protect Against Ransomware Attacks

...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/10/21 7:11 a.m.10 views

A week in security (October 14 – October 20)

Last week on Malwarebytes Labs: Unauthorized data access vulnerability in macOS is detailed by Microsoft 23andMe will retain your genetic information, even if you delete the account "Nudify" deepfake bots remove clothes from victims in minutes, and millions are using them Tor Browser and Firefox...

7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/05/09 1:0 p.m.16 views

Layered Defense to Stop Attacks Before they Begin

Ransomware has evolved from opportunistic attacks to highly orchestrated campaigns driven by cyber criminals who are seeking high financial gains. Ransomware-as-a-Service has increased due to its lowered barrier to entry, allowing even those with limited technical expertise to launch devastating...

7.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/04/03 1:0 p.m.42 views

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of...

4.3CVSS8.1AI score0.00234EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/05 9:59 p.m.13 views

Clorox counts the cost of cyberattack

Cleaning products maker Clorox has reported losses of $49 million in connection to a cyberattack it suffered in August of last year. On Monday, August 14, 2023, Clorox disclosed it had identified unauthorized activity on some of its IT systems. Despite a business continuity plan, the incident...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/01/07 12:8 p.m.23 views

How AI hallucinations are making bug hunting harder

Bug bounty programs that pay people for finding bugs are a very useful tool for improving the security of software. But with the availability of artificial intelligence AI as seen in the popular large language models LLMs like ChatGPT, Bard, and others it looks like there is a new problem on the...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/12/01 2:4 p.m.32 views

Explained: Domain fronting

Domain fronting is a technique of using different domain names on the same HTTPS connection. Put simply, domain fronting hides your traffic when connecting to a specific website. It routes traffic through a larger platform, masking the true destination in the process. The technique became popular...

6.9AI score
Exploits0
ICS
ICS
added 2023/11/15 12:0 p.m.70 views

#StopRansomware: Rhysida Ransomware

Actions to take today to mitigate malicious cyber activity: 1. Prioritize remediating known exploited vulnerabilities. 2. Enable multifactor authentication MFA for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. 3. Segment networks to...

10CVSS6.7AI score0.99512EPSS
Exploits75References119
Malwarebytes
Malwarebytes
added 2023/10/27 5:15 a.m.26 views

Octo Tempest cybercriminal group is “a growing concern”—Microsoft

Octo Tempest is believed to be a group of native English speaking cybercriminals that uses social engineering campaigns to compromise organizations all over the world. Initially the group made a name for itself by SIM swapping. SIM swapping, also known as SIM jacking, is the act of illegally taki...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/10/05 3:0 a.m.13 views

Sony was attacked by two ransomware operators

On September 25, newcomer ransomware group RansomedVC claimed to have successfully compromised the computer systems of entertainment giant Sony. Then, on October 4, news leaked that Sony had told current and former employees and their family members about another cybersecurity breach that exposed...

7.3AI score
Exploits0
CISA
CISA
added 2023/08/30 12:0 p.m.5 views

CISA and FBI Publish Joint Advisory on QakBot Infrastructure

Today, the Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory CSA, Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified QakBot-related activity a...

7.1AI score
Exploits0References8
ICS
ICS
added 2023/08/30 12:0 p.m.21 views

Identification and Disruption of QakBot Infrastructure

SUMMARY The Cybersecurity and Infrastructure Security Agency CISA and Federal Bureau of Investigation FBI are releasing this joint Cybersecurity Advisory CSA to disseminate QakBot infrastructure indicators of compromise IOCs identified through FBI investigations as of August 2023. On August 25, F...

9.7AI score
Exploits0References62
Malwarebytes
Malwarebytes
added 2023/08/22 11:30 a.m.48 views

Update now! WinRAR files can be abused to run malware

A new version of the file archiving software WinRAR fixes two vulnerabilities that could allow an attacker to execute code on a target system. All the victim has to do is to open a specially crafted archive. After receiving a report about the vulnerability in June, a new version of the software w...

7.1AI score0.1308EPSS
Exploits1
Microsoft Secure
Microsoft Secure
added 2023/04/27 4:0 p.m.22 views

Why you should practice rollbacks to prevent data loss in a ransomware attack

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Tanya Janca, Founder...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/04/05 1:0 a.m.16 views

Fake ransomware demands payment without actually encrypting files

Fake it till you make it ransomware groups are trying to get rich off the backs of genuine ransomware authors. Why are they "fake it till you make it"? Because they dont actually create ransomware or compromise networks in any way. Theyre simply lying through their teeth and hoping that recipient...

6.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/17 4:30 p.m.68 views

Rubrik is latest victim of the Clop ransomware zero-day campaign

Rubrik, a cybersecurity company specializing in cloud data management, has revealed that some of its systems were infiltrated by the Clop ransomware group. Rubrik is one of many companies attacked by Clop via an infamous zero-day vulnerability in the GoAnywhere file transfer software. The attack...

7.5AI score0.99999EPSS
Exploits12
Malwarebytes
Malwarebytes
added 2023/02/20 2:0 a.m.105 views

GoAnywhere zero-day opened door to Clop ransomware

A semi-active ransomware group has claimed it is behind a string of attacks which have taken advantage of a zero-day vulnerability in GoAywhere MFT. The Russian-linked Clop ransomware group says it was able to remotely attack private systems using exposed GoAnywhere MFT administration consoles...

0.3AI score0.99999EPSS
Exploits12
Rows per page
Query Builder