25-May-2024: GitLab Patches XSS Flaw, New Ransomware and Cyber Espionage Uncovered
Hacked dAily, 25 May 2024

Welcome to today’s episode of "Cyber War Room," where we delve into the latest cybersecurity breaches and countermeasures. In today’s top stories, GitLab has addressed a high-severity XSS vulnerability that enabled attackers to hijack user accounts through malicious web pages. We explore how the flaw, CVE-2024-4835, found in GitLab CE and EE versions, was fixed following a bounty awarded via HackerOne. Next, we discuss a sophisticated evasion tactic uncovered by MITRE Corporation, involving the creation of rogue virtual machines by hackers. This innovative method helps attackers remain undetected, pointing to escalating challenges in cybersecurity defense. Also on the agenda, a new ransomware strain uses Microsoft's BitLocker to lock data, demanding ransoms for decryption. This exploit leverages system management tools, marking a worrying trend in the use of legitimate utilities for malicious endeavors. In other news, a significant breach involving JAVS courtroom recording software has led to the deployment of RustDoor malware, which may compromise the integrity of court recordings and legal proceedings. And finally, we cover Microsoft's latest findings on a cybercriminal group named "SmokyHorse," known for using advanced techniques to steal gift card data from retailers, blending cybercrime with espionage strategies. Stay with us as we explore these stories, providing insights and implications for cybersecurity efforts worldwide. Tune into "Cyber War Room" for your daily briefing on the digital frontlines.

Episodes (439)

03-Jan-2025 Apple Settles Siri Lawsuit, HIPAA Privacy Proposed, Atos and MetLife Deny Cyber Breaches

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber. In today's episode, we delve into the evolving landscape of cybersecurity and privacy. We begin with Apple's recent $95 million settlement aimed at resolving allegations that its Siri voice assistant unlawfully recorded private conversations. Although Apple denies any wrongdoing, the settlement seeks to address privacy concerns and conclude the litigation. Next, we discuss proposed amendments to HIPAA by the U.S. Department of Health and Human Services. These amendments aim to enhance privacy and security protections in the healthcare sector, addressing vulnerabilities in data protection amid increasing digital health tool usage. We then shift to Atos Group's firm denial of being compromised by the ransomware group Space Bears. Atos clarifies that no breaches occurred within its systems, emphasizing its strong cybersecurity framework maintained by a global team of experts. In other news, the RansomHub hacking group claims responsibility for a supposed breach at MetLife, though MetLife has refuted these claims, highlighting ongoing challenges in verifying cyber incident reports. Finally, we explore how business leaders see a positive ROI from implementing Generative AI in cybersecurity. GenAI is recognized for its potential to transform threat detection and response, suggesting an effective, cost-reducing strategy against the evolving complexity of cyber threats. Stay tuned for your daily dose of cybersecurity insights on Hacked dAily!

This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cytadel helps you test your cyber resilience against the threats of today, keeping your data secure. Check out cytadel.co.uk for more information.

3 Jan, 3 min

02-Jan-2025: US Army Hacking Arrest, UN Cybercrime Treaty, and DoubleClickjacking Threats

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, where we bring you the latest insights into the world of cyber threats and digital security. In today's top story, a U.S. Army soldier, Cameron John Wagenius, faces serious allegations linked to a hacking scheme involving the sale of stolen phone records, potentially including data from high-profile figures like President-elect Donald Trump and Vice President Kamala Harris. The scheme, associated with a series of breaches tied to the alias "Kiberphant0m," may involve significant incidents tied to AT&T and a U.S. defense contractor. Next, the United Nations has introduced a controversial cybercrime treaty aimed at fostering global cooperation against cyber threats. Critics warn that it might challenge human rights, depending on how member nations implement it. Ratification by 40 member nations is needed for the treaty to take effect. Our third story highlights the discovery of "DoubleClickjacking," a new exploit that bypasses existing clickjacking protections by layering multiple frames to trick users, underscoring vulnerabilities in web security protocols. In other news, Vallianz, a Singapore-based vessel operator, disclosed a ransomware attack. Although detected quickly, they assure no major business disruptions occurred. Finally, AI agents are making strides in the workforce, yet they still require human oversight, illustrating the evolving role of managers in guiding AI for optimal organizational integration. Join us daily for more insights and updates on cyber threats and solutions.

2 Jan, 3 min

01-Jan-2025: Google Chrome Extensions Jacked, Ford X Account Hacked, and New AI Disclosure Law in CA

Welcome to Hacked dAily, the go-to podcast for the latest in AI-driven cybersecurity, brought to you by Cytadel Cyber. In today's episode, we delve into major cyber threats and regulations shaking up the digital world. First up, we'll discuss the alarming breach of 35 Google Chrome extensions that put millions at risk. Cybercriminals managed to inject malware that stole user credentials and browsing history. Google has swiftly removed these from the Chrome Web Store, but are you safe yet? Next, we uncover a cunning crypto scam spreading via fake job offers. This new malware, disguised in recruitment documents, targets your digital wallets. Stay ahead of cybercriminals and keep your assets secure with our expert advice. In our social media spotlight, we'll examine the recent hack of Ford Motor Company's official X account. The incident, which led to unauthorized pro-Palestine posts, raises pressing questions about social media security. In other news, the ransomware group Inc claims responsibility for attacking Youth Eastside Services, with data on patients and employees possibly compromised. The organization has not yet confirmed these claims, leaving many in the community concerned. Finally, a legislative update from California with AB 3030. This bill mandates transparency in AI usage in healthcare, compelling providers to inform patients when AI is involved in their care. Tune in for these stories and more on Hacked dAily, where we keep you informed to stay protected.

1 Jan, 3 min

31-Dec-2024 Harley-Davidson Data Breach, US Cybersecurity Overhaul, Mr. Cooper's Ransom Dilemma

Join us on Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, for your daily briefing on critical cybersecurity issues. Today, we dive into the recent data breach involving Harley-Davidson, where cybercriminal group "888" allegedly leaked personal details of over 66,700 consumers. This incident raises significant concerns about identity theft and corporate cybersecurity vulnerabilities. We also cover the United States' move to overhaul healthcare cybersecurity regulations following major breaches to protect patient information. These reforms will enhance compliance requirements and strengthen security frameworks across healthcare organizations nationwide. In another alarming report, a Chinese advanced persistent threat group exploited a BeyondTrust API key to infiltrate U.S. Treasury systems. This breach highlights the growing threat of state-sponsored cyberattacks and the critical need to secure government infrastructure against such sophisticated threats. In other news, the financial impact of cyber threats comes to light as documents reveal that Mr. Cooper made an 8-figure payment following a ransomware attack, emphasizing the urgent necessity for enhanced cybersecurity measures. Finally, we explore the ongoing debate in Silicon Valley between tech giants and policymakers regarding AI regulation. The discussion centers on balancing innovation with public safety, addressing ethical concerns while encouraging technological advancements. Tune in to stay informed and prepared in this ever-evolving digital landscape.

31 Dec 2024, 3 min

30-Dec-2024 Google Chrome Compromise, NFT Fraud Arrests, D-Link Threats & AI Crypto Concerns

Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, brings you up-to-date with today's most pressing cyber threats and vulnerabilities. In today's episode, we dive into the security breach affecting over 600,000 Google Chrome users. Sixteen extensions were found with malicious code, prompting Google to remove them and advise users to uninstall for safety. Then, we shift to the legal front where three individuals are nabbed in connection with a multimillion-dollar NFT scam, reflecting law enforcement's increasing focus on digital asset fraud. Our coverage also includes a series of attacks exploiting outdated D-Link routers, turning them into malware botnets. Users are reminded of the importance of regularly updating their devices to close security loopholes. In the world of ransomware, healthcare systems were hit hard, particularly on weekends and holidays, urging a call for better staffing and reliance on managed services for enhanced protection. Finally, a new study unveils AI's potential to compromise digital security, with its ability to predict cryptocurrency seed phrases in mere seconds. The revelation raises alarms over the current safeguards within the crypto ecosystem. Join us for these stories and expert insights to stay informed about the ever-evolving cyber threat landscape. Don't miss a beat on Hacked dAily!

30 Dec 2024, 3 min

29-Dec-2024 ZAGG Breach, Italian Cyberattack, Atos Ransomware and EV Data Exposure Concerns

Welcome to Hacked dAily, the first AI-Driven Cybersecurity Podcast, brought to you by Cytadel Cyber. In today’s episode, we explore the latest in cyber threats and data breaches affecting global systems and industries. First up, ZAGG, a maker of mobile accessories, has fallen victim to a cyberattack targeting their third-party e-commerce platform. This has resulted in the theft of customer credit card information over several months. The company is teaming up with cybersecurity specialists to address this breach and enhance their digital security. In Europe, Italy’s Foreign Ministry and multiple airports have experienced a severe cyber attack that disrupted operations and targeted sensitive communications. National security entities are working swiftly to evaluate and secure compromised systems amidst unclear full-damage reports. Electric vehicle owners are on alert after a major data breach exposed personal information affecting up to 800,000 cars. Sensitive data like vehicle identification numbers were leaked, prompting investigations to curb future vulnerabilities. Elsewhere, the tech company Atos is probing claims by the LockBit ransomware group about a possible data breach involving sensitive data. Efforts are focused on verifying and mitigating potential threats. Finally, an incident involving a large language model underscores the emerging cybersecurity challenges in AI technology. Experts warn of potential AI-driven data breaches, stressing the need for fortified protective measures. Tune in tomorrow for more on cybersecurity news and updates with Hacked dAily. Stay secure!

29 Dec 2024, 3 min

28-Dec-2024 Cyber Espionage Hits Telecoms, OpenAI's Breakthrough, and Chrome Extension Breach

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. In today’s episode, we dive into the latest developments in the ever-evolving world of cyber threats. Our top story covers a serious breach involving a ninth U.S. telecommunications company, victim to a cyber espionage campaign attributed to Chinese hackers. This incident highlights enduring security threats from state-sponsored entities and their strategic pursuit of sensitive information via telecom networks. In another alarming report, a widely trusted Chrome extension has been hijacked, serving as a conduit for attackers to steal user passwords. This breach emphasizes the critical need for continued vigilance in software security, even with seemingly secure and popular tools. We also examine a new development involving North Korean hackers utilizing OtterCookie malware in the Contagious Interview campaign. Targeting software developers with fake job offers, this campaign reflects evolving tactics directing malicious efforts towards financial gain. Additionally, we look at the HELD ransomware's expansion, which encrypts victims' files and demands ransom for decryption. Experts recommend disconnecting affected systems immediately and not paying the ransom, advising better backup and security protocols. Today’s episode concludes with a discussion on OpenAI’s o3 system, which showcases remarkable efficiency and adaptability in tackling complex tasks, representing an exciting leap forward in AI technology. Stay secure and informed with Hacked dAily!

28 Dec 2024, 3 min

27-Dec-2024: Microsoft Bug, Ascension Data Breach & Interlock Ransomware Threats

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Tune in each day for the latest updates and insights into the world of cybersecurity threats and defenses. Today’s top stories include a critical issue affecting Windows 11 users. A bug in outdated installation media is causing security update failures, leading to missing crucial patches. Microsoft recommends recreating the installation media to ensure security. Next, we delve into the repercussions of a recent ransomware attack on Ascension hospitals. Patient data, including medical and payment information, may be compromised, but there’s no evidence it reached their Electronic Health Records. Ascension promises secure system restoration. In a financial update, Wood County commissioners have approved a $55 million budget after a $1.5 million allocation to counter a ransomware attack. This decision underscores the increasing impact of cybersecurity on fiscal policies. Meanwhile, the Interlock ransomware attacks Linux and FreeBSD systems, highlighting significant vulnerabilities in critical infrastructure. The rapid file encryption capability of this malware demands enhanced defensive strategies. Finally, artificial intelligence is boosting the sophistication of open-source intelligence, raising security risks and prompting urgent calls for advanced countermeasures. As AI becomes more prevalent, protecting our digital landscape from new threats is vital. Stay ahead with Hacked dAily for more on these stories and insights into the evolving cybersecurity landscape.

27 Dec 2024, 3 min
