Members of a financially motivated threat group are impersonating IT support staff in convincing phone calls and talking employees into granting access to their organization's Salesforce environments.
In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names of the lead monetization service Nova Leads, the enormously popular Chat GPT, and an AI-empowered video tool called InVideo AI.
Active since June 2022 and also known as Playcrypt, Play is believed to be a closed group, engaging in double-extortion tactics that include exfiltrating victims' data and leveraging it for extortion, in addition to encrypting systems.
Seven years after its implementation, the General Data Protection Regulation (GDPR) continues to serve as a pivotal framework for data privacy across Europe. Widely regarded as a landmark piece of legislation, it set a global benchmark for the protection of personal information in the digital age. However, as technology continues to advance, so does the threat landscape.
Let's Encrypt will stop sending SSL/TLS expiration emails effective June 4 - now's the time to ensure you have SSL monitoring and alerts set up.
Chipmaker giant Qualcomm released patches on Monday fixing a series of vulnerabilities in dozens of chips, including three zero-days that the company said may be in use as part of hacking campaigns.