TRiNet International, Inc.

A wave of cyberattacks using AppDomain Manager Injection, a technique that leverages the .NET Framework's AppDomainManager class for stealthy code ex*****on, has been observed since July.

Hackers now use AppDomain Injection to drop CobaltStrike beacons A wave of attacks that started in July 2024 rely on a less common technique called AppDomain Manager Injection, which can weaponize any Microsoft .NET application on Windows.

We can provide your organization with complete protection and security to help reduce the risk of , data leaks, ensure , and coach users to make smart decisions. Please feel free to contact us for more information.

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further.

Report: AMD faces second data breach in 3 months.

We can help you deploy enterprise-wide protection that analyzes data from any source to detect and prevent sophisticated attacks and provide complete visibility. Please feel free to contact us for more information.

AMD data reportedly offered for sale on dark web souk Second sensitive info theft claimed by the same crims since June

We can help dramatically reduce your risk of attack plus providing compliance with a zero trust endpoint protection platform. Please feel free to contact us for more information.

Patelco notifies 726,000 customers of ransomware data breach Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year.

We can help reduce the risk by providing your organization with NextGen Security Awareness Training, contact us for more information.

Microsoft Sway abused in massive QR code phishing campaign ​A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials.

What a mess!

Delta, American, Other Major Airlines Grounded Amid Mass IT Outage, Other Industries Impacted All flights from major carriers, including Delta, American, and United, were grounded Friday morning following a massive global technical outage that affected several industries. The issue reportedly follows an update made by cybersecurity firm CrowdStrike, one of the world’s largest software....

The Eldorado ransomware, a new ransomware-as-a-service that appeared in March, targets both Windows and VMware ESXi virtual machines.

New Eldorado ransomware targets Windows, VMware ESXi VMs A new ransomware-as-a-service (RaaS) called Eldorado emerged in March and comes with locker variants for VMware ESXi and Windows.

Russia has been a good market for virtual private network internet gateways, and the country's leaders have responded by pushing several of the major providers out of Apple's App Store.

Apple removes popular VPNs from the App Store on behalf of Russian authorities Apps contain content that is "Illegal in Russia"

Every second, passwords are under attack from cybercriminals seeking access to computer systems. As this article explains, the concept of passwords is also under attack, with 78% of tech companies signaling they are ready to move to other systems such as software tokens, biometric data, and physical badges, according to one survey.
Are you ready to move? Contact us for additional information.

Passwords in the Modern Internet: Why Keyword Securities Should be Phased Out Password security systems are becoming more obsolete in the face of more modern data safety threats.

CDK Global, a SaaS platform for car dealerships, experienced a second cyberattack while attempting to recover from a previous breach, leading to widespread outages and operational disruptions at dealerships, including major ones like Penske Automotive Group. Despite efforts to restore services, concerns have arisen over CDK's approach, as cybersecurity experts believe the company may be moving too quickly without fully investigating the breaches

CDK Global hacked again while recovering from first cyberattack Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in an previous cyberattack.

Interesting inside look at the business model of a full-time ransomware syndicate.

Council Post: Inside The Organizational Structure Of A Modern Ransomware Syndicate Little is known about how ransomware gangs operate and how their operations are structured.

Russian government hackers who recently stole Microsoft corporate emails have acquired passwords and other confidential material that could enable them to infiltrate US agencies.

Russian hackers stole some agencies' emails in recent Microsoft hack CISA is directing affected agencies to reset passwords and deactivate some services as they investigate further.

The Federal Bureau of Investigation is raising alarm over an ongoing SMS phishing operation that targets American drivers after its Internet Crime Complaint Center received more than 2,000 complaints from at least three states.

FBI warns of massive wave of road toll SMS phishing attacks On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.

Research by Internet Safety Labs reveals that 78% of school apps have a "very high risk" of infringing on student privacy.

Many Schools Use Edtech That Puts Student Privacy at Risk. Here’s What They Should Do Instead Recent research found that 78% of required or recommended school apps were “very high risk” in terms of student privacy, suggesting a need for greater protections at schools.

Two info-stealing malware are now being used in separate attacks that aim to steal data -- including account usernames, passwords and crypto wallet data -- from Mac users.

New Mac malware targets users with legit-looking ads, meeting links Attacks steal sensitive information, including usernames and passwords.

Health care IT teams should heed the FBI's warning on dual ransomware attacks, which involve deploying multiple ransomware packages simultaneously or sequentially to increase chances of success.

5 Questions about Dual Ransomware Attacks The FBI has warned the public about the threat of dual ransomware attacks. Here’s what healthcare organizations need to know.

Major Cell Phone Outage Nationwide Affecting AT&T, T-Mobile, Verizon; Some 911 Impacted.

Major Cell Phone Outage Nationwide Affecting AT&T, T-Mobile, Verizon; Some 911 Impacted  

Standard AI techniques to detect and remove deceptive backdoors are ineffective against large language models with deceptive programming, and trying to retrain deceptive LLMs can worsen the problem.

Two-faced AI language models learn to hide deception ‘Sleeper agents’ seem benign during testing but behave differently once deployed. And methods to stop them aren’t working.

Hewlett Packard Enterprise says that its Microsoft Office 365 email environment was breached last year allegedly by Russian hackers calling themselves Midnight Blizzard.

HPE: Russian hackers breached its security team’s email accounts Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments.

The operator of the notorious QakBot malware has reemerged and is now posing as an IRS employee in phishing emails in order to distribute the QakBot payload.

Qbot malware returns in campaign targeting hospitality industry The QakBot malware is once again being distributed in phishing campaigns after the botnet was disrupted by law enforcement over the summer.

One key to adding AI is to not consign it to a silo, instead making it "a harmonious addition to the enterprise, resonating with and amplifying strategic and operational goals.

Council Post: Scaling AI: A Comprehensive Strategy For Transformative Growth A holistic AI strategy goes beyond mere application—it’s an end-to-end integration from data inception to actionable insights.

The Chameleon banking trojan has reappeared with a new variant, distributed via the Zombinder service as Google Chrome, that can cripple biometric functions on Android devices to steal credentials.

Android malware Chameleon disables Fingerprint Unlock to steal PINs The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices — disable fingerprint and face unlock to steal device PINs.

The most popular targets in 2023 of cyber attackers were older security flaws that have remained unpatched, often for over 10 years.

Threat actors still exploiting old unpatched vulnerabilities, says Cisco | IT World Canada News The exploitation of a vulnerability in Progress Software's MOVEit file transfer application was one of the biggest cybersecurity news headlines of the year. However, according to Cisco Systems, the most targeted vulnerabilities this year -- as in previous years -- were older security flaws in common...

Took part of for the first time, great summit, great people, bringing back new ideas and tools that will expand and modernize our stack.

Meta's Threads social media platform has 100 million users and counting, as well as way too much of their personal data, experts say.

Threads collects so much sensitive information it's a 'hacker's dream,' experts say - BNN Bloomberg It knows when you've been online shopping, the last time you worked out and whether you’ve been lurking on your ex’s profile.

The Xtreme Bluetooth spam firmware that hackers with the Flipper Zero have been using to spam iPhones has been updated so that it can spam Android devices and Windows computers.

Now Android and Windows devices aren't safe from Flipper Zero either The Bluetooth spam feature that was initially used to inundate, and even crash, iPhones has now been expanded to cover Android and Windows devices.

An advanced persistence threat group called Storm-0062 -- which reportedly conducts cyberspy operations for China's Ministry of State Security -- has been exploiting the zero-day bugs affecting Atlassian's Confluence Data Center and Server products since mid-September.

China-backed hackers behind Confluence zero-day attacks An advanced persistence threat group called Storm-0062 -- which reportedly conducts cyberspy operations for China's Ministry of State Security -- has been exploiting the zero-day bugs affecting Atlassian's Confluence Data Center and Server products since mid-September, Microsoft reports.

Malware first uncovered by Lumen Technologies' Black Lotus Labs in March 2022 has shifted focus to attack Taiwanese groups and US military websites.

Lumen Technologies Rediscovers Malware Targeting Taiwan, US Cyber solutions provider Lumen Technologies has detected malware that targets Taiwanese organizations and US military research websites.

Merely opening a message containing a Skype link on a smartphone -- not even clicking on the link -- can reveal your IP address.

Reading a Skype message could reveal your location to hackers A new report from 404 Media reveals a flaw in Skype that allows anyone to see your IP address—just from an opened message.

OpenAI has introduced ChatGPT Enterprise, enabling companies to customize the model's training and data storage, along with enhanced security features.

OpenAI launches ‘enterprise-grade’ ChatGPT OpenAI said the newest version of its ChatGPT service comes with enterprise-grade security and privacy features.