Author: nlqip
Oct 13, 2024Ravie Lakshmanan The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. “The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for…
Read More
Video ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities 11 Oct 2024 This week, ESET researchers published the results of their probe into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic…
Read More
OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks. The report, which focuses on operations since the beginning of the year, constitutes the first official confirmation that generative mainstream AI tools are used to enhance offensive cyber operations.…
Read More
Microsoft has officially deprecated the Point-to-Point Tunneling Protocol (PPTP) and Layer 2 Tunneling Protocol (L2TP) in future versions of Windows Server, recommending admins switch to different protocols that offer increased security. For over 20 years, the enterprise has used the PPTP and L2TP VPN protocols to provide remote access to corporate networks and Windows servers.…
Read More
Oct 12, 2024Ravie LakshmananCryptocurrency / Cybercrime The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action – codenamed Operation Token Mirrors – is the result of the U.S. Federal Bureau…
Read More
“Seamlessly integrated into your experience, the AI assistant continues your conversation as you navigate through Partner Center,” according to Microsoft. Microsoft is previewing an artificial intelligence-powered assistant in its Partner Center with capabilities ranging from support ticket creation to quick answers. The Partner Center AI assistant – notably not called a “copilot,” Microsoft’s typical name…
Read More
Pegasystems, Nextiva, Verint, Sterling, Dewpoint and Cloud Ingenuity are among the companies to list open positions for channel-related roles. This month, Sterling, Dewpoint and Cloud Ingenuity are among the solution providers to list open positions while Pegasystems, Nextiva and Verint are among the vendors to list open positions for channel-related roles. CRN has looked at…
Read More
In addition to launching a new Copilot AI engine to assist with data analytic workflows, dbt Labs is expanding the capabilities of its popular dbt Cloud platform with cross-platform data mesh capabilities, support for the Apache Iceberg data table format, and new low-code visual editing tools. Dbt Labs is expanding its dbt Cloud data management…
Read More
A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. “In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC,…
Read More
The real-world demo of Tesla’s humanoid Optimus robot suggests hackers may soon have a whole new attack surface to try to exploit. Get ready to meet your newest home IoT device, C-3PO. Last night in Burbank, Calif., Elon Musk offered a real-world demo of Tesla’s much-anticipated Optimus bots, letting the humanoid robots loose to mingle…
Read More