- Details
- hackernews.com
March 25, 2023 hackernews.com published that OpenAI disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week, The glitch, which came to light on March 20, 2023, enabled certain users to view brief descriptions of other users' conversations from the chat history sidebar, prompting the company to temporarily shut down the chatbot....Read More.............
- Details
- hackernews.com
March 21, 2023 hackernews.com published that as many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple.While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significant uptick in recent years of threat actors leveraging unknown security flaws to their advantage...Read More..........
- Details
- thehackernews.com
March 21, 2023 thehackernews.com published that Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot."ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLab Security Emergency response Center (ASEC) said in a report. ShellBot is installed on servers that have weak credentials, but only after threat actors make use of scanner malware to identify systems that have SSH port 22 open....Read More.......
- Details
- Securityweek.com
February 20 , 2023 , Securityweek.com published that With the launch of Samsungs latest flagship Galaxy smartphones, Samsung has introduced a new sandbox feature named Message Guard that is designed to protect devices against zero-click exploits.It’s not uncommon for sophisticated threat actors to target users with exploits that can be triggered without any interaction from the victim. As an example, Samsung described a scenario where a hacker sends the targeted user a specially crafted image file that automatically exploits a vulnerability — while the phone is locked in the user’s pocket — to give the attacker access to the victim’s messages, picture gallery and bank details. . Read More.......
- Details
- Securityweek.com
February 20 , 2023 , Securityweek.com that Twitter started a security ruckus over the weekend with the sudden decision to turn off text message/SMS method of two-factor authentication (2FA) for anyone not subscribed to its paid Twitter Blue service.“While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used – and abused – by bad actors. So starting today, we will no longer allow accounts to enroll in the text message/SMS method of 2FA unless they are Twitter Blue subscribers,” Twitter announced late Friday.. .Read More.......
- Red alert warning issued to anybody who uses Gmail or Microsoft Outlook
- LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions
- Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
- Medusa ransomware gang picks up steam as it targets companies worldwide
- Clop ransomware gang begins extorting GoAnywhere zero-day victims