The Stack

Cybersecurity

💀This malware campaign uses Discord emojis for C2 instructions

Camera emoji? "Take a screenshot of the victim's screen and upload it to the command channel as an attachment."

Snowflake

Mandiant confirms 165 Snowflake breach victims – sees custom .NET and Java reconnaissance tool

“At least 79.7% of the accounts leveraged by the threat actor in this campaign had prior credential exposure

natwest

Natwest launches new RAG chatbot pilot

Cloud-based ChatGPT 3.5 turbo as the underlying model, with NeuralSeek-powered RAG in support.

Veeam

Amid ransomware epidemic, backup and security pros need to get closer

"You have to get contained or they’ll discover and wipe your backups"

Snowflake

Snowflake warns over “rapeflake” data breaches

"The user must be left in the disabled state for 6 hours to fully invalidate any possible unauthorized access via this ID token feature."

vulnerabilities

Check Point vulnerability far worse than thought – exploited in wild since April

106,000 customers publicly exposed, initial searches suggest.

cybersecurity

New North Korean threat group seen deploying custom ransomware

Multiple Fortune 500 firms breached. Threat group uses remote IT staff, social engineering, trojanised npm packages, even a poisoned "tank game"

google cloud

Google praises UniSuper’s CIO after GCP error deleted $124 billion firm’s entire private cloud

Post-mortem praises Aussie fund's good third-party backups, “speed and precision” from CIO’s team 

NVIDIA

Jensen Huang: There’s 20,000 AI startups wanting our kit

NVIDIA shrugs off analyst concerns about depreciating assets amid pace of platform evolution.

Microsoft

Microsoft’s new AI PCs will screenshot everything every 2 seconds

Redmond's new Arm-based line of computers feature essentially built-in keylogger for hackers and abusers: Lovely.

Cybersecurity

Single host saw 70,000 servers hit with Ebury backdoor

Malware operators “have established a significant presence in data centers worldwide” 

slack

Slack is scraping your messages and files to develop AI by default

"To develop AI/ML models, our systems analyse Customer Data (e.g. messages, content and files) submitted to Slack..."