Cybersecurity experts from Positive Technologies’ Security Expert Center (PT ESC) have uncovered an exploit targeting Roundcube Webmail, an open-source email client written in PHP. According to the researchers, Roundcube’s “extensive functionality and the convenient access it gives users to email accounts via a browser—without the need for full-fledged email clients—have made it popular among commercial and government organizations worldwide.” However, this popularity has also put it in the crosshairs of cybercriminals who rapidly adapt exploits once they become publicly known in the hope of stealing credentials and corporate email communications. The attack leverages a vulnerability—CVE-2024-37383—and poses a significant threat to firms that have yet to update their Roundcube…
Author: Kirsten Doyle
The NHS App is set to undergo a major transformation, with plans to make full medical records, test results, and doctor’s letters accessible to patients across England. This initiative is part of a new 10-year strategy aimed at revolutionizing how patients engage with the healthcare system, with digitalization at its core. Government ministers hope the changes will ease healthcare access like apps have eased banking. At present, the app’s functionality is limited because patient records are stored separately by individual GP practices and hospitals, preventing seamless integration. However, under the new strategy, the government intends to establish a unified patient…
A novel attack, dubbed ConfusedPilot, has been discovered, targeting widely used Retrieval Augmented Generation (RAG)-based AI systems such as Microsoft 365 Copilot. This method allows malicious actors to manipulate AI-generated responses by introducing malicious content into documents referenced by these systems. The potential consequences include widespread misinformation and compromised decision-making across entities that rely on AI to help with critical tasks. With 65% of Fortune 500 companies currently implementing or planning to adopt RAG-based AI systems, the implications of these attacks are significant. The researchers from the University of Texas at Austin, led by Professor Mohit Tiwari, have highlighted the…
Due to the tremendous feedback we received on our first two articles, which shared invaluable cybersecurity advice from industry experts, we’re excited to continue the series with even more insights. In this third installment, we delve deeper into the theme of “Secure Our World” by presenting actionable strategies that anyone can implement to enhance their cybersecurity posture. These expert recommendations emphasize the critical need for tailored security practices, from protecting business operations to safeguarding personal information. No single solution can address every cyber threat, but by adopting these essential steps, organizations and individuals alike can significantly strengthen their defenses and…
Iranian cyber actors are targeting organizations across critical infrastructure sectors, using brute force techniques to obtain user credentials and sell sensitive information on cybercriminal forums. The attacks have affected healthcare, government, information technology, engineering, and energy sectors. This was announced in a coordinated alert by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Communications Security Establishment Canada (CSE), Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC). Attack Patterns and Techniques Since October 2023, Iranian threat actors have been leveraging brute force attacks, such as password spraying,…
Leading artificial intelligence (AI) models are failing to meet key European regulatory standards in areas such as cybersecurity resilience and prevention of discriminatory outputs, according to data obtained by Reuters. The EU AI Act is being implemented in phases over the next two years and was introduced to address the growing concerns around the ethical, societal, and safety implications of these technologies, which are becoming increasingly integrated into various aspects of daily life. It is the first comprehensive AI legislation introduced by a major regulatory body. It categorizes AI applications into three risk levels. First, applications deemed to pose an…
Sophisticated and complex threats fuel rapid and profound change in the cybersecurity landscape. Malicious actors are exploiting advanced technologies, like artificial intelligence (AI), to launch more targeted, destructive attacks that are harder to detect. As yesterday’s security solutions battle to keep up, the need for AI-driven cybersecurity solutions has become dire. AI-powered solutions can proactively detect threats and vulnerabilities so organizations can respond more rapidly and effectively. However, no machine is an island, and human expertise is indispensable when navigating the ethical, strategic, and creative dimensions of cybersecurity. AI-Driven Security: A Leap Forward in Cyber Defense AI is a powerful…
In a potentially concerning advancement for global cybersecurity, Chinese researchers have introduced a technique leveraging D-Wave’s quantum annealing systems to breach traditional encryption, which may hasten the timeline for when quantum computers could pose a genuine threat to widely used cryptographic systems. Published under the title “Quantum Annealing Public Key Cryptographic Attack Algorithm Based on D-Wave Advantage,” the paper details how D-Wave’s machines were utilized to compromise RSA encryption and target symmetric encryption systems, raising significant concerns about the future of cybersecurity. Led by Wang Chao from Shanghai University, the research team discovered that D-Wave’s quantum computers can optimize problem-solving…
Mobile device and app security firm Zimperium has discovered a new capability in the notorious banking Trojan TrickMo. Some of the samples the company analyzed are able to steal a device’s unlock pattern or PIN. This new feature enables the malefactor to operate on the device even while it is locked. To obtain the necessary unlock information, the malware shows a fake user interface that mimics the device’s legitimate unlock screen. When users enter their unlock pattern or PIN, the data is transmitted to a PHP script along with the Android ID (a unique device identifier), enabling attackers to correlate…
NHS England’s National Cyber Security Operations Centre (CSOC) has issued a high-severity cyber alert in response to the active exploitation of a critical vulnerability, CVE-2024-40711, in Veeam’s Backup & Replication software. This alert follows Veeam’s security bulletin from September, which addressed one critical and five high-severity vulnerabilities, including CVE-2024-40711. The NHS alert is in line with previous warnings, such as cyber alert CC-4542, highlighting the urgency for rapid patching and other defensive actions. According to the advisory, ransomware groups have been leveraging CVE-2024-40711 as a second-stage exploit to create local Administrator accounts on compromised networks. Executing Remote Code This vulnerability,…