A cybercriminal gang, tracked by researchers as "Revolver Rabbit," has registered over 500,000 domain names for infostealer campaigns targeting Windows and macOS systems. The threat actor uses Registered Domain Generation Algorithms (RDGAs). The use of this automated method enables the registration of multiple domain names at once. This article continues to discuss findings regarding the Revolver Rabbit cybercriminal group.

According to a new report from the Department of Homeland Security's (DHS) Office of Inspector General (IG), the Coast Guard lacks staffing, training, authority, and cyber expertise to secure the US maritime supply chain. The report notes that since 2021, Coast Guard "Cyber Protection Teams" (CPTs) have offered free cybersecurity help to organizations in the Maritime Transportation System (MTS), but only 36 percent have taken advantage.

"OilAlpha," a likely pro-Houthi threat group, used Android spyware to steal data from at least three humanitarian organizations in Yemen. According to Recorded Future's Insikt Group, the attacks involve new malicious mobile apps with their own supporting infrastructure. This article continues to discuss findings regarding OilAlpha's operations.

THN reports "Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware"

Submitted by grigby1

Google has officially introduced the Coalition for Secure AI (CoSAI) to address Artificial Intelligence (AI) cybersecurity risks. Under OASIS Open, the international standards and open source consortium, CoSAI includes Amazon, Anthropic, Chainguard, Cisco, Cohere, GenLab, IBM, Intel, Microsoft, and more. CoSAI will support efforts to adopt AI security standards and best practices by collaborating with the industry and academia in three main areas. This article continues to discuss the new coalition for advancing security measures for AI.

According to OpenSSF and the Linux Foundation, attackers are always finding and exploiting software vulnerabilities. However, many developers lack the necessary knowledge and skills to successfully implement secure software development. Survey findings reveal that nearly one-third of all professionals involved in development and deployment say they are unfamiliar with secure software development practices. This article continues to discuss the lack of education in secure software development and filling educational gaps with language-agnostic courses.

A suspected technical issue at cybersecurity vendor CrowdStrike is causing mass IT outages across the world, disrupting critical sectors such as airlines, banks, media and retailing.  It was noted that the issue appears to concern an update to CrowdStrike's security platform Falcon Sensor, which is impacting Microsoft Windows operating systems.  Reports suggest the affected systems are struggling to boot correctly, causing a bluescreen error to appear.

Mandiant researchers report a rise in attacks by the Chinese government-backed hacking group "APT41" against shipping, logistics, technology, and automotive organizations in Europe and Asia. The group is known for its dual-role operations, which include both state-sponsored espionage and financially motivated intrusions. This article continues to discuss APT41's latest attacks.

According to security researchers at the Identity Theft Resource Center (ITRC), the number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months.  The researchers claimed the Q2 increase in victim numbers was due to the impact of a small number of large breaches and impacted organizations like Prudential Financial and Infosys McCamish System, revising victim counts from tens of thousands to millions of customers.

MediSecure recently announced that the personal and health data of almost 13 million Australians has been impacted by the cyberattack that occurred in May 2024.  The company says that it has determined that 12.9 million individuals who used the MediSecure prescription delivery service during the period of March 2019 to November 2023 have been impacted by the incident.  This includes information relating to patient prescriptions.  Some of the information exposed includes full names, dates of birth, gender, email addresses, home addresses, and phone numbers.

According to a team of researchers from Arizona State University, the University of New Mexico, the University of Michigan, and the University of Toronto's Citizen Lab, Virtual Private Networks (VPNs) are impacted by a vulnerability that can lead to Man-in-the-Middle (MitM) attacks, allowing threat actors to intercept and redirect traffic. The attack technique called "Port Shadow" builds on research first presented by Benjamin Mixon-Baca and Jedidiah R. Crandall in 2021. This article continues to discuss the Port Shadow technique.