Current VW Golf will be last with internal-combustion engine

Volkswagen's current Golf, the Mk8, will be the last to be equipped with an internal-combustion engine, VW brand boss Thomas Schaefer has confirmed. In an interview with Automobilwoche (subscription required) published on Sunday, Schaefer said the next Golf will be offered exclusively with electric power, unless the industry takes a major turn...


https://www.motorauthority.com/news/1139...ion-engine

"It's The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To

Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. However, the harsh reality is that the vast majority of PAM projects either become a years-long project, or even

https://thehackernews.com/2023/04/its-se...o-pam.html

Cryptocurrency Companies Targeted in Sophisticated 3CX Supply Chain Attack

The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of cryptocurrency companies.
Russian cybersecurity firm Kaspersky, which has been internally tracking the versatile backdoor under the name Gopuram since 2020, said it observed an increase in the number of infections in March 2023 coinciding with the 3CX breach.

https://thehackernews.com/2023/04/crypto...ed-in.html

Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions

Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery.
Up until now, users were shown a dialog warning them that opening such attachments could harm their computer and data, but it was possible to dismiss the prompt and open the files.
That's going

https://thehackernews.com/2023/04/micros...ty-by.html

Think Before You Share the Link: SaaS in the Real World

Collaboration sits at the essence of SaaS applications. The word, or some form of it, appears in the top two headlines on Google Workspace’s homepage. It can be found six times on Microsoft 365’s homepage, three times on Box, and once on Workday. Visit nearly any SaaS site, and odds are ‘collaboration’ will appear as part of the app’s key selling point. 
By sitting on the cloud, content within

https://thehackernews.com/2023/04/think-...as-in.html

Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

The threat actor known as Arid Viper has been observed using refreshed variants of its malware toolkit in its attacks targeting Palestinian entities since September 2022.
Symantec, which is tracking the group under its insect-themed moniker Mantis, said the adversary is "going to great lengths to maintain a persistent presence on targeted networks."
Also known by the names APT-C-23 and Desert

https://thehackernews.com/2023/04/arid-v...raded.html

New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

Chromium-based web browsers are the target of a new malware called Rilide that masquerades itself as a seemingly legitimate extension to harvest sensitive data and siphon cryptocurrency.
"Rilide malware is disguised as a legitimate Google Drive extension and enables threat actors to carry out a broad spectrum of malicious activities, including monitoring 
browsing history, taking screenshots,

https://thehackernews.com/2023/04/new-ri...omium.html

Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast.
"What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not been seen before in ransomware," Check Point Research said in a new report. "In fact, Rorschach is one

https://thehackernews.com/2023/04/rorsch...perts.html

Sorting Through Haystacks to Find CTI Needles

Clouded vision
CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or any poisoning? Do I risk acting on outdated data? This difference is major since a piece of

https://thehackernews.com/2023/04/sortin...d-cti.html

Ford Celebrates 4x4 Day as America’s Top Brand and Seller of 4x4 Trucks and SUVs i

Ford is celebrating April 4 – also known as 4x4 Day – as America’s top brand and seller of 4x4 trucks and SUVs in 2022.


https://media.ford.com/content/fordmedia...-4x4-.html