Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail. "RETVec is trained to be resilient against character-level manipulations including insertion, deletion, typos, homoglyphs, LEET substitution, and more," [...]
Threat actors from the Democratic People's Republic of Korea (DPRK) are increasingly targeting the cryptocurrency sector as a major revenue generation mechanism since at least 2017 to get around sanctions imposed against the country. "Even though movement in and out of and within the country is heavily restricted, and [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed that it's responding to a cyber attack that involved the active exploitation of Unitronics programmable logic controllers (PLCs) to target the Municipal Water Authority of Aliquippa in western Pennsylvania. The attack has been attributed to an Iranian-backed hacktivist collective known [...]
An Android malware campaign targeting Iranian banks has expanded its capabilities and incorporated additional evasion tactics to fly under the radar. That's according to a new report from Zimperium, which discovered more than 200 malicious apps associated with the malicious operation, with the threat actor also observed carrying out [...]
Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "Such exploitation could result in theft of emails from Gmail, data exfiltration [...]
Act now if you want to keep your old Google accounts. Starting this week (12/1), Google will start deleting inactive Google accounts, it said, and all their contents, including Gmail messages, Photos, Calendar appointments, Contacts records, YouTube videos and Drive documents. If an account hasn't been used or signed [...]
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files.A brief description of the vulnerabilities is as follows -Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from 0.2.0 to 0.3.0. [...]
A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive information from compromised Windows hosts. The activity has been attributed to a threat actor called Konni, which is assessed to share overlaps with a North Korean cluster tracked as [...]
Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself is split into multiple components, including a loader, injector, downloader and backdoor, and successful requests to C2-controlled servers are often necessary to retrieve the next stage," IBM X-Force researchers [...]
A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive research firm Blackwing Intelligence, who found [...]
North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, [...]
The FBI has recently issued an advisory about the increasing threat of callback phishing, a sophisticated cyberattack tactic. Unlike traditional phishing, callback phishing doesn't include a malicious link in the email. Instead, callback phishing features a prominent phone number, urging the recipient to call for an urgent matter. The [...]
1 South Corporate Drive, Riverdale, NJ 07457
CALL: +1-973-276-0808
FAX: 973-248-6645
EMAIL: info@bmtcorp.com
NJ Service Areas
All work performed by Business Machine Technologies Inc. shall be subject to the terms of the Master Services Agreement which can be reviewed at www.bmtcorp.com/MSA
For 30+ years we have been dedicated to providing the highest levels of customer service, expert support, and the best in technology solutions to our clients.
