Daily Cybersecurity Roundup, October 30, 2024

Dialing danger! The FakeCall malware’s latest trick reroutes your bank calls straight to cybercriminals, letting them hijack conversations by impersonating bank agents. North Korea’s Jumpy Pisces has dived into ransomware waters, teaming up with the Play group. This marks a shift from espionage to active cybercrime, positioning them as potential access brokers in the ransomware landscape. CISA has set its sights on critical infrastructure security with a new international strategy for 2025-2026. Read on to learn more.

01

The latest version of FakeCall, an Android malware, hijacks calls to banks, redirecting them to attackers instead. The banking trojan uses voice phishing, impersonates banks, and captures live audio or video to steal sensitive data.

02

Unit 42 found the North Korean APT group Jumpy Pisces (aka Andariel) collaborating with the Play ransomware group, marking a shift from espionage to ransomware activity, potentially serving as an initial access broker or affiliate.

03

Researchers uncovered a malicious Python package called CryptoAITools posing as a crypto trading tool. Distributed through PyPI and fake GitHub repositories, the package is designed to steal sensitive data and drain crypto wallets.

04

CISA released its 2025-2026 International Strategic Plan to enhance global cooperation on critical infrastructure security, improve threat intelligence sharing, and strengthen international partnerships to mitigate risks to interconnected cyber and physical systems.

05

Researchers discovered over 34 vulnerabilities in open-source AI and ML tools, including Lunary, ChuanhuChatGPT, and LocalAI. These security flaws pose the risk of remote code execution and data theft.

06

Russian and Chinese state-linked hackers are intensifying cyberattacks on Dutch critical infrastructure, aiming for future sabotage and data theft, according to a government report. The activity involves non-state actors, including Russian hacktivists and Chinese organizations.

07

PSAUX ransomware is attacking over 22,000 CyberPanel instances by exploiting a recently disclosed critical RCE vulnerability in versions 2.3.6 and likely 2.3.7, and the attacks have taken most instances offline.

08

A Mozilla researcher warned of a new prompt injection technique that bypasses safety guardrails in OpenAI’s GPT-4o model by encoding malicious instructions in hexadecimal. It exploits GPT-4o’s compartmentalized task execution, allowing attackers to feed harmful commands undetected.

09

Proofpoint announced its acquisition of Normalyze, a data security posture management startup. Terms of the deal were not disclosed.

10

Zenity, an Israeli startup focused on securing AI copilots, raised $38 million in a Series B funding round led by Third Point Ventures and DTCP.
