Month: May 2024
Zscaler says that today’s rumors it was breached are false after a threat actor claimed to be selling access to one of the “largest cyber security companies.” In a Wednesday afternoon post, Zscaler said its ongoing investigation has shown no evidence that they were breached. “Zscaler is aware of a public X (formerly known as Twitter) post by a threat actor…
Read MoreVendors including Palo Alto Networks, Trellix and Proofpoint debuted new AI-powered security tools and capabilities this week during the conference. Without a doubt, this year’s RSA Conference in San Francisco has lived up to expectations when it comes to the focus on generative AI. RSAC 2024 has seen countless vendors unveil new security tools and…
Read MoreThe nonprofit and Catholic health system said that on May 8 it ‘detected unusual activity on select technology network systems.’ Ascension, a health system with 140 hospitals and operations in 19 states and Washington, D.C., said that its clinical operations were disrupted after it discovered “unusual activity” on some of its network systems Wednesday. The…
Read MoreSmashing Security podcast #371: Unmasking LockBitsupp, company extortion, and a Tinder fraudster
- by nlqip
The kingpin of the LockBit ransomware is named and sanctioned, a cybersecurity consultant is charged with a $1.5 million extortion, and a romance fraudster defrauded women he met on Tinder of £80,000. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and…
Read MoreAscension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a “cyber security event.” As a major U.S. nonprofit health system, Ascension operates 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia. It also…
Read MoreImage: Georgia Institute of Technology Tech Tower (RobRainer) The University System of Georgia (USG) is sending data breach notifications to 800,000 individuals whose data was exposed in the 2023 Clop MOVEit attacks. USG is a state government agency that operates 26 public colleges and universities in Georgia with over 340,000 students. The Clop ransomware gang leveraged a zero-day vulnerability in Progress…
Read More‘Our goal is to essentially get in front of every single one of those customers and convert them all, make them all love of us over time,’ says Kaseya CMO Mike Sanders. Mike Sanders believes that Kaseya’s new Kaseya 365 offering is “disruptively priced and gives MSPs that utilize it a competitive advantage is important.”…
Read More“The initial vector is a SQL Injection in the login form,” Vlad Babkin, the Eclypsium security researcher who found the flaw, told CSO. “Theoretically it should be possible to bypass the login, but we felt our proof of exploitability was sufficient to diagnose the vulnerability.” Weak hashes contributed to vulnerability In theory cryptographic hashes should…
Read MoreSuspected Chinese hack of Britain’s Ministry of Defence payroll linked to government contractor, minister confirms
- by nlqip
That has upset a noisy element among the government’s own MPs, many of whom see China as a major threat to UK security and would prefer it if the government were more explicit about this. In March, China was blamed for a cyber-campaign targeting MPs. Not long after, two Parliamentary aides were charged with spying…
Read MoreA recent partnership announcement between OpenAI and Stack Overflow has some members concerned that their data is being used without permission and will only lead to inaccurate information being created by LLMs. The partnership was announced on Monday, with OpenAI getting access to Stack Overflow’s API and feedback from developers and StackCommerce getting links in ChatGPT back to its source material and…
Read MoreRecent Posts
- Fake AI video generators infect Windows, macOS with infostealers
- T-Mobile confirms it was hacked in recent wave of telecom breaches
- GitHub projects targeted with malicious commits to frame researcher
- NSO Group used another WhatsApp zero-day after being sued, court docs say
- Ingram Micro’s Sahoo: ‘Don’t React To AI.’ Act On AI’