720-891-1663

Security News Update for October 18, 2024

Scams evolve. Now that the scam concept is public, North Korea is pivoting. They are extorting the companies that hire these North Koreans as IT employees after the employees steal corporate secrets. Read the details here.

In a surprise (to no one) announcement, OpenAI says it has disrupted “over 20” malicious cyber operations abusing ChatGPT, this year. While security companies like Proofpoint have said this was happening, this is the first time OpenAI has admitted it. How many of these operations are out there undetected? Credit: Bleeping Computer

Oops! Microsoft is warning enterprise customers that, for almost a month, a bug caused critical logs to be partially lost, putting at risk companies that rely on this data to detect unauthorized activity. The loss affected many services including Entra, Sentinel, virtual desktop and others, with the losses being different for each. They are blaming the loss on a software bug. While Microsoft said they have notified all affected customers, some customers disagree and were not notified. Credit: Tech Crunch and Bleeping Computer

When the patches come out, so do the hackers. This bug had a score of 9.8 which definitely motivates the bad actors. The bug patch was released on September 4th. The proof of concept exploit hack was released on September 15th. CISA tagged the bug as “known to be used in ransomware campaigns”. Credit: The Record

Security researchers say they have found ways to attack the secure enclave processors in both Intel and AMD chips. One attack is called CounterSEVeillance; the other is called TDXDown. Intel says the attack is low risk in real world environments, but has released an update. AMD says that the attack works but programmers programming security operations should not be using the compromised instructions and provide guidance on what they should do. How many programmers read the processor chip best practices manuals? Credit: Security Week

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *