Fraudsters are hijacking Facebook pages to spread fake AI applications.
Welcome to Cybersecurity Today. It's Monday, April 8, 2024. I'm Howard Solomon. A roundup of the latest cybersecurity news.
Cybercriminals are taking overPoorly secured Facebook profiles for spreading links to fake artificial intelligence applications. According to Bitdefender researchers, yes. The hijacked Facebook pages are said to be designed to trick victims into downloading what appear to be official desktop versions of AI software such as ChatGPT, Midjourney, Sora AI, DALL-E, and Evoto. What the downloaded app actually does is steal information from the victim's computer, such as usernames, passwords, credit card numbers, and cryptocurrency wallet information. A Facebook page masquerading as Midjourney had 1.2 million followers before being shut down last month. Two takeaways from this: You should strengthen the security of your social media pages by using strong passwords and multi-factor authentication to prevent them from being taken over and misused by criminals. Organizations should also notify all employees that they are prohibited from downloading applications from unauthorized locations, such as social media sites, to computers that are allowed to connect to the corporate network.
Tweaked by Cisco Systems This update was released last month to resolve an IOS software vulnerability on Catalyst 6000 series switches. This vulnerability is rated High.
Cisco also said that six models of its Small Business Router RV series have vulnerabilities in the web-based management interface. Cisco says this hole could allow devices to be compromised. The network administrator must disable remote management on two of the models. For the other he four models you also need to block certain ports. Please note that no software updates will be released to fix the vulnerability. Four of the routers are no longer supported and should not be connected to your network at all.
discovered by threat actors A new way to compromise Adobe Magento e-commerce servers. According to Sansec researchers, if an attacker is able to compromise a server, code that adds a backdoor is installed and reinserted after manual modification or setup. This he exploited a vulnerability discovered in February. The goal is to insert a fake Stripe payment skimmer to steal credit and debit card information. Magento administrators should search for hidden backdoors and ensure their systems are up to date with patches or running the latest versions.
American company that provides The provision of financial experts to law firms handling litigation has increased the number of people reporting data breaches. In a filing with the Maine Attorney General's Office, Greylock McKinnon Associates said it has now notified more than 341,000 people whose data was stolen last year. The initial estimate of the number of victims was approximately 5,400. The information, including Social Security numbers, was provided by the U.S. Department of Justice as part of a civil lawsuit. It was stolen in a cyberattack that was discovered in May last year.
Notice from Pacific Guardian Life Insurance Just over 167,000 Americans suffered a data breach. A notice to the Maine Attorney General's Office said the cause was phishing, but did not provide other details of the incident. The theft was discovered in September last year. The stolen data also included names, credit or debit card numbers, and associated passwords and PIN numbers.
IT schools in Pennsylvania has notified approximately 31,000 people of the data breach. York County Technical College announced that the data was stolen in a cyberattack just over 12 months ago. In addition to names, the stolen data also included Social Security, driver's license, and state ID numbers.
Threat actor launched Phishing campaign to steal information from the US energy sector. According to Cofens researchers, the scheme included targeted emails purportedly from the Federal Transit Administration sent to people claiming their cars had been in or left an accident. Ru. They claim they risk being fined. The message may contain the word “urgent” in the subject line. Of course, the possibility of a fine will draw the reader's attention, and they will be more careful in opening attachments that link to malware. This is a type of similar scam that has been going on for years, capitalizing on people's fears that they will be hurt if they don't open the document. As always, you should check who the message with the attachment came from and any signs of fraud, such as grammar mistakes. As a matter of fact, government agencies do not send such e-mail messages. First, how do they know your email address?
finally, As I told our listeners last week, Ivanti has committed to overhauling its product security management practices after more vulnerabilities were uncovered in its Connect Secure and Policy Secure gateways. John Pescatore of the SANS Institute, which offers cybersecurity training courses, suggests: Companies that manufacture security-related products need to demonstrate to the public tangible progress in their security culture, including third-party testing of all products. Penalty: Security product companies are not allowed to use the term AI or machine learning in their marketing or advertising unless they have had vulnerabilities with a CVSS score greater than 7 for at least 12 months.
Links to more information about the news mentioned in this podcast episode can be found in the text version of ITWorldCanada.com.
Follow Cyber Security Today on Apple Podcasts, Spotify, or add us to Flash Briefing on your smart speaker.
