The highly decorated soldier who exploded a Tesla Cybertruck outside the Trump hotel in Las Vegas used generative AI including ChatGPT to help plan the attack, Las Vegas police said Tuesday.
(Image credit: Las Vegas Police Department)
As the South prepped for snow and more cold starting Wednesday, residents in Southern California faced off with hurricane-strength winds.
(Image credit: Julio Cortez)
President-elect Donald Trump has said multiple times that the U.S. should buy Greenland, an autonomous territory of Denmark. The sparsely populated island is geopolitically important and mineral-rich.
(Image credit: Claire Harbage)
Cybercriminals are impersonating the US Social Security Administration in an attempt to install a Remote Access Trojan (RAT) malware on people’s devices, experts have warned.
Cybersecurity researchers at Cofense observed a phishing campaign, slowly picking up pace in the days and weeks leading up to the 2024 US presidential elections.
The goal of the campaign was to distribute the ConnectWise RAT - a tainted and malicious use of otherwise legitimate software called ConnectWise Control (formerly ScreenConnect).
ConnectWise RATIn an in-depth analysis, Cofense said it observed multiple variants of the same phishing campaign, in which the crooks would spoof the Social Security Administration and claim to provide an updated benefits statement. Most of the time, the fake statement would come in the form of a mismatched link (a link that doesn’t lead where it says it will lead). Sometimes, the threat actors would try to hide the link behind a “View Statement” button.
The campaign most likely started in or around mid-September 2024, when it was first observed by Cofense. The second sample came in a month later, after which the frequency gradually increased until mid-November.
“While additional emails were seen in late November, this campaign reached peak volume on November 11th and 12th, a week after Election Day,” Cofense concluded.
ConnectWise Control is a legitimate remote desktop and support tool, but in this scenario, it is used to gain unauthorized access to victims' devices. Cybercriminals exploit the software's legitimate capabilities by deploying it stealthily, often bundling it with malware or phishing schemes. Once installed, the RAT allows threat actors to control systems remotely, steal sensitive data, deploy additional malware, and monitor the victim’s computer activity.
Legitimate software is often used for malicious purposes, since endpoint security and malware removal services often don’t recognize them as a threat.
You might also likeSouthern California hasn't seen significant rainfall since last April, and a pileup of dry fuel in combination with the winds has the region on edge. A mandatory evacuation order was issued for the Palisades.
(Image credit: Ethan Swope)