A cybercrime group linked to the RansomHub ransomware was spotted using a new tool designed to kill EDR software. Sophos reports that a cybercrime group, likely linked to the RansomHub ransomware operation, has been observed using a new EDR-killing utility that can terminate endpoint detection and response software on compromised systems. The researchers called the […]

Zero Day Initiative threat researchers discovered CVE-2024-38213, a simple and effective way to bypass Windows mark-of-the-web protections leading to remote code execution.In March 2024, Trend Micro’s Zero Day Initiative Threat Hunting team started analyzing samples connected to the activity carried out by DarkGate operators to infect users through copy-and-paste operations. This DarkGate campaign was an update from a previous campaign  in which the DarkGate operators were exploiting a zero-day vulnerability, CVE-2024-21412, which we disclosed to Microsoft earlier this year. The investigation into this campaign directly influenced further vulnerability research into Windows Defender SmartScreen and how files originating from WebDAV shares are handled during copy-and-paste operations. As a result, we discovered and reported CVE-2024-38213 to Microsoft, which they patched in June. This exploit, which we've named copy2pwn, results in a file from a WebDAV share being copied locally without Mark-of-the-Web protections.What is Web-based Distributed Authoring and Versioning (WebDAV)?Web-based Distributed Authoring and Versioning (WebDAV) is an extension to the Hypertext Transfer Protocol (HTTP). It provides added functionality to HTTP, including features such as authoring, sharing, and versioning.

Since WebDAV is based on HTTP, WebDAV shares can be accessed through a web browser using the HTTP protocol, for example, at[...]

Texas is suing General Motors for collecting driver data without consent and then selling it to insurance companies: From CNN: In car models from 2015 and later, the Detroit-based car manufacturer allegedly used technology to “collect, record, analyze, and transmit highly detailed driving data about each time a driver used their vehicle,” according to the AG’s statement. General Motors sold this information to several other companies, including to at least two companies for the purpose of generating “Driving Scores” about GM’s customers, the AG alleged. The suit said those two companies then sold these scores to insurance companies...

Three state attorneys general probed the company and found plenty to chastise Biotech biz Enzo Biochem is being forced to pay three state attorneys general a $4.5 million penalty following a 2023 ransomware attack that compromised the data of more than 2.4 million people.…

Lone Star State alleges GM cashed in with "millions in lump sum payments" from the sale Texas has sued General Motors for what it said is a years-long scheme to collect and sell drivers' data to third parties - including insurance companies - without their knowledge or consent. …

Orianna Rosa Royle / Fortune: During a talk, Eric Schmidt said Google is losing the AI race because it decided that work-life balance and working from home were “more important than winning”  —  Google's former CEO Eric Schmidt has a complaint about his old stomping ground—and it's one that workers have heard …

Multiple high-profile open-source projects, including those from Google, Microsoft, AWS, and Red Hat, were found to leak GitHub authentication tokens through GitHub Actions artifacts in CI/CD workflows. [...]

Twenty-six financial firms agreed to pay about $393 million in total fines after the US Securities and Exchange Commission said they failed to keep their employees’ electronic communications, the latest fallout from the regulator’s so-called WhatsApp investigations.

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6 enabled. [...]

A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a security advisory today. [...]

Ben Dickson / VentureBeat: MIT releases a database of 700+ unique AI risks, based on 43 existing taxonomies, including peer-reviewed articles, preprints, conference papers, and reports  —  As research and adoption of artificial intelligence continue to advance at an accelerating pace, so do the risks associated with using AI.

The White House is calling their push the "Time is Money" initiative.