Careful Security

Google Highlights Rising AI-Driven Scams, Crypto Fraud, and Cloaking Tactics Google warns of growing online scams using cloaking, AI-driven impersonations, and crypto fraud. Scammers use cloaking to hide fake sites from moderation, while app and page clones trick users into giving up credentials or downloading malware. Google is enhancing protections, such as live scam detection in its Phone app and real-time alerts in Google Play Protect, to help users stay safe. #Cybersecurity #OnlineFraud #AIFraud #CryptoScams #DigitalSafety #TechSecurity #ScamAwareness https://lnkd.in/e2j2_mEm

TSA’s New Cybersecurity Rules for Transportation TSA proposes rules for pipeline and railroad operators to report cyber incidents and implement cyber risk management plans, formalizing measures introduced after the Colonial Pipeline attack. Requirements include annual cybersecurity evaluations, independent vulnerability assessments, and recovery plans for cyber incidents, impacting around 300 operators at an estimated cost of $2.1 billion over 10 years. #Cybersecurity #CriticalInfrastructure #TSA #RiskManagement https://lnkd.in/eyff-ZZd

Would you agree that #security #reports matter?

New Phishing Tool "GoIssue" Targets GitHub Developers The new phishing tool GoIssue is now targeting GitHub developers, extracting email addresses from public profiles to send tailored phishing messages. Created by threat actor Cyber D’ Luffy, GoIssue bypasses spam filters, directing users to fake login pages or rogue OAuth apps to gain unauthorized access to private repositories. Security experts warn this could lead to source code theft, supply chain attacks, and compromised credentials, impacting thousands of projects. Developers should stay alert to these emerging threats. #CyberSecurity #PhishingAlert #GitHub https://lnkd.in/g5Sm4W_y

Mazda Connect Vulnerabilities Allow Vehicle Hacking Mazda Connect’s infotainment system has multiple flaws that let attackers gain root access through a crafted USB device, affecting Mazda 3 models from 2014-2021. These vulnerabilities enable system manipulation and possible network compromise. Mazda owners should avoid unknown USB devices to reduce risk. #Cybersecurity #Mazda #VehicleSecurity #Infotainment https://lnkd.in/g8ktfXMv

GoZone Ransomware Escalates Coercion GoZone ransomware, identified by SonicWall Capture Labs, takes extortion further by encrypting files and accusing victims of possessing explicit content, threatening to report them if no ransom is paid. This strain employs Chacha20 and RSA encryption, modifies desktop wallpaper with ransom instructions, and disables system recovery and wallpaper change options to increase pressure. SonicWall’s signature GAV: GoZone.RSM(Trojan) provides protection against this growing threat. #Cybersecurity #Ransomware #Infosec https://lnkd.in/gT8c3JYd

IT Outage Hits Washington Courts Statewide Washington’s courts face a statewide IT outage from "unauthorized activity" on their network. The Administrative Office of the Courts (AOC) took systems offline and is working with experts to restore service. Essential hearings are proceeding, but disruptions continue across court services. #Cybersecurity #ITOutage #PublicInfrastructure https://lnkd.in/gJdRs_Mp

Cybersecurity Alert: Schneider Electric Confirms Data Breach Schneider Electric has confirmed a breach of its developer platform, where a hacker claims to have stolen 40GB of data from its JIRA server, including 400,000 rows of user data and 75,000 email addresses. The attacker, now part of the Hellcat ransomware group, is demanding $125,000 to avoid data exposure. Schneider Electric reports its products and services are unaffected, as the incident is isolated to a project tracking platform. #Cybersecurity #DataBreach #SchneiderElectric #Ransomware https://lnkd.in/dzyRJCB9

AI Milestone: Google’s LLM Finds SQLite Vulnerability Google’s Big Sleep AI project identified a vulnerability in SQLite missed by traditional fuzzing tools. This marks one of the first times an AI has uncovered a real-world security flaw, showing AI’s growing role in cybersecurity. #AI #Cybersecurity #Vulnerability https://lnkd.in/gytCZB3P

Los Angeles Housing Authority Hit by Cyberattack The Los Angeles Housing Authority (HACLA) is addressing a cyberattack after the Cactus ransomware gang claimed to have stolen 861 GB of data, including personal info and financial documents. This is HACLA's second incident following a 2023 ransomware attack. Ransomware groups are increasingly targeting U.S. housing authorities, impacting services for vulnerable communities. #CyberSecurity #Ransomware #DataPrivacy #Housing https://lnkd.in/e-SN9H7K