Lemon Group’s Guerrilla malware model is an example of how threat actors are monetizing compromised Android devices, researchers say.
Related Posts
Facebook Marketplace users’ stolen data offered for sale
Personal data belonging to Facebook Marketplace users has been published online, according to BleepingComputer.
A cybercriminal was allegedly able to steal a partial database after hacking the systems of a Meta contractor.
The leak consists of around 200,000 records that contain names, phone numbers, email addresses, Facebook IDs, and Facebook profile information of the affected Facebook Marketplace users. BleepingComputer was able to verify some of the data.
Marketplace was introduced by Facebook in 2016 and quickly became a popular platform to sell items to local buyers. It’s often preferred over other marketplaces because you can find or sell items locally that would be too expensive to ship, but you can easily pick up yourself.
Smaller businesses also use it to get the ecommerce side of their business started. Statistics say that every month, on average 40% of Facebook users are Marketplace users, and an estimated 485 million or 16% of active users log in to Facebook for the sole purpose of shopping on Facebook Marketplace.
Depending on the buyer of the leaked data, both the email addresses and the phone numbers could be used in phishing attacks. Phishing is the art of sending an email with the aim of getting users to open a malicious file or click on a link to then steal credentials. The combination of email addresses and phone numbers could also be used in SIM swapping attacks.
SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods involves tricking the target’s phone carrier into porting the phone number to a new SIM which is under the control of the attacker. Having control over or access to the victim’s email combined with the knowledge of the associated phone number makes a SIM swap relatively easy.
Protect yourself from a SIM card swap attack
Don’t reply to calls, emails, or text messages that request personal information. Should you get a request for your account or personal information, contact the company asking for it by using a phone number or website that you know is real.
Limit the personal information you share online.
Set up a PIN or password on your cellular account. This could help protect your account from unauthorized changes. Check your provider’s website for information on how to do this.
Use Multi-Factor Authentication (MFA), especially on accounts with sensitive personal or financial information. If you do use MFA, keep in mind that text message verification may not stop a SIM card swap. If you’re concerned about SIM card swapping, use an authentication app or a security key.
Malwarebytes

Protect Your Business with AI-Powered Email Security – Next-Gen Email Threat Protection
Did you know that over 80% of cyberattack security incidents start with a well-crafted phishing email? That’s right; incoming email phishing attacks are the most common way hackers try to infiltrate your systems.
Artificial intelligence is vital in protecting a mailbox from any cyber threat. New AI tools like Trustifi will allow you to identify malicious email behaviors.
Traditional prevention techniques aren’t enough anymore for these sophisticated attacks.
Here are vital points all organizations need to consider before adopting AI.
Although AI and ML can be used for better organizational efficiency and information management, AI still needs improvement.
It is crucial to remember that this system will only work if uncorrupted data backs it.
Human intervention in feeding data into AI and machine learning algorithms is essential.
Adding AI-Focused cybersecurity personnel with expertise in data science and analytics is essential to capitalize on the value of AI-powered solutions.
Validating a combination of machine learning and AI for any organization is an ongoing exercise.
While AI has great potential across several business lines, including customer success, product development, and marketing, cybersecurity AI continues to be viewed as more mature for organizations to consider adopting.
The Threat from AI and ML Tools in the Wrong Hands
Dori Buckethal, the vice president of Thomson Reuters Risk & Fraud Solutions, stated that organized crime rings are advanced and adopt new technology quickly.
She explained that generative AI and machine learning can now replace previously manual processes used by
Generative AI technology presents potential risks to the safety and protection of critical state, local, and federal government agencies and entitlement programs.
AI algorithms are used for fraud in various sectors by predicting sensitive information like social security numbers, increasing modern email threats, including creating impersonation email domains, and creating fake identities, leading to fraudulent activities like healthcare claims, defense contracts, tax returns, and aid applications.
Faulty algorithms could block critical emails and attachments from reaching their correct sender and receiver.
Corrupt machine learning also affects the ability to launch reactive and proactive countermeasures during a cybersecurity attack.
Faults in AI and ML Configuration and Management
Human error creates more challenging issues when organizations enable next-generation security email threat defense.
Setting up AI and ML systems is challenging and is not a single-click experience. AI and ML require a team of data scientists, data analytics, application, and cybersecurity engineers working together to develop and maintain these complex systems.
The effect of human error in maintaining AI and ML systems could take months or even years before the issue is discovered.
Hackers will attack AI and ML systems looking for exposed vulnerabilities and misconfiguration, hoping to corrupt the systems.
With the risk of this type of security breach, security engineers need to develop testing and quality assurance automation capabilities to continuously test their AI and ML systems to validate the data and outputs and maintain the highest level of integrity.
How Important is AI-Powered Email Security?
To identify and notify users when their mailbox has been compromised, AI-Powered Email Security solutions like Trustifi AI Engines continuously monitor user email behavior to spot anomalies in volume, context, devices, geo-location, type of sent emails, and more.
Trustifi is an AI-powered email security solution that secures your business from today’s most dangerous email threats; you can request a free Demo.
With the increasing availability of structured and unstructured electronic data, artificial intelligence and machine learning techniques have been crucial in protecting email and IM.
Email-based threats, including zero-day attacks and associated methods of communication, continue to be targeted by hackers, phishers, and cyber criminals.
Organizations could face orchestrated and well-coordinated cybersecurity attacks from a state-sponsored APT hacker group or a loosely formed group of hobbyist hackers.
Knowing what type of email attack the organization faces, including the methods used and how it is attacked, is no longer a manual process.
The amount of AI-Powered Email Security telemetry prevents manual correlation. Without AI and machine learning (ML) tools, organizations will quickly become overwhelmed by the amount of data to process, with no root-cause analysis or timely deployment of security countermeasures.
What is at Risk if the Entire Cloud Email is not Protected with AI?
Email continues to be the top method of communication for organizations. With the broad adoption of data loss prevention, email encryption, and multi-factor authentication, the need to continuously innovate AI-Powered Email Security capabilities is an ongoing event.
Hackers have found ways to bypass multi-factor authentication (see “Okta Concludes its Investigation Into the January 2022 Compromise”).
Hackers will use their version of AI to execute multi-threat attacks, including these threat vectors and more.
These attacks cause damage to organizations on a much grander scale if companies do not deploy the proper AI countermeasures.
The damage to the organization could include the following:
Loss of Customers.
Building trust with your customers is essential. Phishing scams can harm your brand and compromise your data.
Losing trust damages your brand and reduces revenue.
Fines and Regulatory Audits.
In the event of data theft, organizations may be required to compensate those affected, resulting in significant financial costs.
Data breaches can cause consumers to lose trust in a company’s security measures, shifting towards alternative options. The affected organization may experience financial losses and decreased customer loyalty.
Loss of Investor Confidence.
After experiencing a setback, it’s challenging to rebuild confidence. This can also affect investor confidence, resulting in a decrease in a company’s worth. For example, in 2018, Facebook’s value decreased by $36 billion following a data breach.
Losing Intellectual Property.
Phishing attacks can lead to trade secrets, customer lists, priceless research, cutting-edge tech, and more being stolen by phishers and hackers.
How Can AI Be Used for Email Security?
A business email compromise is a prevalent form of fraud where a criminal impersonates a legitimate business through email.
That’s where artificial intelligence (AI) and machine learning (ML) come in.
Companies can improve their email security and optimize efficiency using these cutting-edge technologies. Let’s dive in and see what AI and ML can do for your email security strategy.
Implementing AI-Powered Email security solutions can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware – Request Free Demo.
Machine Learning-Assisted Hacking Tools.
Phishing attacks typically involve voice and SMS text-phishing attacks, tricking victims into providing password and email information.
Organizations investing in their own defensive machine learning-assisted tools quickly recognize both the need and the time sensitivity of getting these tools deployed.
However, AI and ML tools take many months to learn the behavior of the organization’s network and systems to develop benchmarking and trending.
These AI and ML development stages also require extensive data to help understand and create machine learning outputs.
Hackers using similar AI and ML steal terabytes of data from organizations through email, syslog hijacking, and data exfiltration.
The hackers feed stolen data into their AI and ML engines to create attack strategies.
AI and ML Integration into SecOps Workflows.
Organizations incorporating several innovative architectures, including extended detection and response (XDR), zero-trust, cloud-based email security with AI, and security orchestration, automation and response (SOAR), are collapsing the security telemetry into security information and event management (SIEM) systems with AI capabilities.
Security Operations (SecOps) teams, through their AI and ML automation, leverage SIEM tools to enable faster and more accurate countermeasures to reduce the impact of these complex attacks.
Hackers, also using AI, will often alter their attacks based on the success or failure of previous episodes. Using their AI, they will change their tactics, the scale of the attack, and targets much faster using AI and ML.
With AI on both sides of the cybersecurity battle, both sides will have a chance against their adversary.
The Imperfection of AI and ML for Email Security.
Even with the tremendous potential of AI and ML for email security, this disruptive technology can quickly become destructive.
Encrypting the data is one way to help prevent corruption. Securing the AI and ML applications and platforms also helps reduce the risk.
Another critical concern for AI and ML is altering algorithms that unintentionally block emails from a specific group in society applying for a student loan or a home mortgage.
Organizations using AI as part of the decision logic must ensure safeguards around how the AI algorithms process the raw data and provide a quality assurance layer within the ML system.
Faulty algorithms could block critical emails and attachments from reaching their correct sender and receiver. Corrupt machine learning also affects the ability to launch reactive and proactive countermeasures during cybersecurity attacks.
AI-Powered Email Security – Conclusion
Fortunately, AI and ML can assist in this area. AI/ML-powered email security solutions, real-time detection, and other advanced threat protection features are essential for all organizations.
AI-Powered Email Security technologies can analyze incoming messages in real-time and identify suspicious activity within the message header, body, and attachments.
These remarkable features powered by multilayered detection techniques with threat-protection policies provide an additional layer of inbound email security to stop AI-powered malicious content through the email channel.
Email security systems can take action before a harmful message reaches your inbox. Email security can become more robust and effective with less management overhead with AI and ML.
The post Protect Your Business with AI-Powered Email Security – Next-Gen Email Threat Protection appeared first on Cyber Security News.
Cyber Security News
AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin
AMD has disclosed a high-severity vulnerability (CVE-2024-56161) in its Secure Encrypted Virtualization (SEV) technology, which could allow attackers with administrative privileges to inject malicious CPU microcode.
This flaw compromises the confidentiality and integrity of virtual machines (VMs) protected by SEV-SNP, a security feature designed to safeguard sensitive workloads in virtualized environments.
The issue stems from improper signature verification in the AMD CPU ROM microcode patch loader.
Specifically, an insecure hash function used for validating microcode updates enables adversaries with local administrator privileges to bypass signature checks and load unauthorized microcode.
“Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under AMD SEV-SNP”, reads the advisory.
Understanding the Vulnerability
AMD SEV-SNP (Secure Nested Paging) is an advanced security feature aimed at isolating VMs from hypervisors and protecting against memory remapping and side-channel attacks.
By encrypting VM memory with unique keys and enforcing memory integrity checks, SEV-SNP creates a trusted execution environment for sensitive data processing.
However, CVE-2024-56161 undermines these protections by allowing malicious microcode to manipulate CPU functionality, potentially exposing encrypted VM data or enabling privilege escalation.
This flaw affects AMD processors across multiple generations, including Zen 1 through Zen 4 architectures, which power EPYC server CPUs used in data centers worldwide.
It carries a CVSS score of 7.2 (High), reflecting its significant potential impact on confidential computing workloads.
AMD credited Google researchers Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo for uncovering this critical flaw.
AMD has released firmware updates through its AGESA platform initialization packages to address the issue. These updates include:
SEV Firmware Updates: Platforms require SEV firmware version 1.55.29 or higher for proper mitigation.
BIOS Updates: System BIOS images must be updated to incorporate the new microcode and firmware changes. Rebooting the platform after the update enables SEV-SNP attestation, allowing confidential guests to verify that mitigations are active through attestation reports.
Notably, AMD has introduced restrictions on hot-loading microcode after these updates. Attempting to load older or unauthorized microcode will result in a general protection (#GP) fault.
Organizations using AMD EPYC processors should immediately apply the latest BIOS updates provided by their Original Equipment Manufacturers (OEMs).
Regularly verify SEV-SNP attestation reports to ensure mitigations are active. Additionally, restrict administrative access to systems running sensitive workloads and monitor for unusual activity indicative of exploitation attempts.
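A sketch of the firmware-version part of that attestation check, added here as an example and not taken from AMD or the article: it reads the current and committed firmware versions from a raw SEV-SNP attestation report and compares them with the 1.55.29 minimum stated above. The field offsets and report size are assumptions based on the ATTESTATION_REPORT layout in AMD's SEV-SNP firmware ABI specification and should be confirmed against the spec revision for your platform; the status labels and helper names are hypothetical, and the report's signature must already have been validated against the AMD certificate chain before these fields are trusted.

```python
import struct

MIN_FW = (1, 55, 29)    # minimum SEV firmware version given in the article
REPORT_LEN = 0x4A0      # assumed: 0x2A0-byte report body + 0x200-byte signature
CURRENT_OFF = 0x1E8     # assumed: CURRENT_BUILD, CURRENT_MINOR, CURRENT_MAJOR
COMMITTED_OFF = 0x1EC   # assumed: COMMITTED_BUILD, COMMITTED_MINOR, COMMITTED_MAJOR


def _version_at(report: bytes, off: int) -> tuple:
    """Read (major, minor, build) from three one-byte fields stored build-first."""
    build, minor, major = struct.unpack_from("<BBB", report, off)
    return (major, minor, build)


def check_report(report: bytes, minimum: tuple = MIN_FW) -> dict:
    """Classify an already signature-verified report against the minimum version."""
    if len(report) != REPORT_LEN:
        raise ValueError(f"unexpected report length {len(report)}")
    current = _version_at(report, CURRENT_OFF)
    committed = _version_at(report, COMMITTED_OFF)
    # Tuples compare numerically, so 1.55.9 sorts below 1.55.29
    # (a plain string comparison would get this wrong).
    if committed >= minimum:
        status = "ok"
    elif current >= minimum:
        # Running firmware is new enough, but the committed (rollback floor)
        # version is older, so the platform could still be downgraded.
        status = "rollback-possible"
    else:
        status = "below-minimum"
    return {"current": current, "committed": committed, "status": status}


def make_sample(current: tuple, committed: tuple) -> bytes:
    """Build a constructed, all-zero report carrying only the version fields."""
    buf = bytearray(REPORT_LEN)
    struct.pack_into("<BBB", buf, CURRENT_OFF, current[2], current[1], current[0])
    struct.pack_into("<BBB", buf, COMMITTED_OFF,
                     committed[2], committed[1], committed[0])
    return bytes(buf)


if __name__ == "__main__":
    # Constructed sample reports, not captured from real hardware.
    for cur, com in [((1, 55, 29), (1, 55, 29)),
                     ((1, 55, 29), (1, 55, 21)),
                     ((1, 55, 9), (1, 55, 9))]:
        print(check_report(make_sample(cur, com)))
```

A firmware version at or above the minimum is only one input; the TCB values in the same report still need to be compared with the values the platform vendor publishes for the patched BIOS.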
The post AMD SEV Vulnerability Allows Malicious CPU Microcode Injection as Admin appeared first on Cyber Security News.