AI-pwned: Vercel breach traced to stolen employee creds
…If the attackers really were moving with AI in the loop, they didn't need much else beyond access that worked. ® ai security cybercrime cyber-crime
Search
Don't glamorize cybercrims, roast them instead
Security Researchers didn’t want to glamorize cybercrims. So they roasted them True-crime tales of criminals making fools of themselves INTERVIEW Cybercrime crews have become almost mystical entities, with security vendors…
Ransomware scum, other crims exploit 4 old Microsoft bugs
…The latter had been exploited as a zero-day for months , and Adobe finally released a patch over the weekend. ® security patches patch management microsoft cybersecurity and infrastructure security agency cybercrime
Russia's APT28 behind latest wave of router, DNS attacks
…earlier advisories, dated April 2023, noted that similar attacks on Cisco routers resulted in APT28 deploying Jaguar Tooth malware , establishing backdoors for follow-on attacks. ® security russia ncsc dns cybersecurity cyber-crime
RSA panelists cry out for help to missing feds
…But still, when one of the world’s more significant infosec events has no US government speakers, it isn't a good look. ® special_features security rsa conference rsa cybercrime china
Anthropic's Mythos has The Kettle crew curious, skeptical
…community, and whether we should take Anthropic at its word or not. You can listen to The Kettle here , as well as on Spotify and Apple Music . ® anthropic ai cybersecurity kettle security
Manage attack infrastructure? AI agents can now help
…Anyone developing any kind of code is thinking about how to use an AI assistant to do that." ® cybercrime ai security microsoft
'Several dozen' orgs targeted by a new extortion crew
…the Adobe breach appears to be legitimate , and "anyone who submitted a helpdesk ticket to Adobe, or requested assistance in any capacity, could be impacted." ® security google cloud cybercrime cyber-crime adobe
Meta, cops deploy AI and handcuffs in scam crackdown
…journalists, and military personnel worldwide by tricking users into linking attackers' devices to their accounts and persuading targets to share security verification codes or PINs. ® whatsapp security meta cybercrime cyber-crime ai
Fake Linux Foundation leader using Slack to phish devs
…packages, and figure out ways to compromise developers to deliver malware or gather data, depending on the type of threat," Biasini said. ® cyber-crime open source linux foundation google cloud cybercrime security