Author: nlqip

A novel command execution technique dubbed ‘GrimResource’ uses specially crafted MSC (Microsoft Saved Console) files and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console. In July 2022, Microsoft disabled macros by default in Office, causing threat actors to experiment with new file types in phishing attacks. The attackers first switched to ISO…


By linking its AI monitoring tools – part of the New Relic Observability Platform – with Nvidia NIM, organizations can gain visibility into the “black box” operations of an AI application stack and improve AI operational performance and ROI. New Relic has integrated its observability software with Nvidia’s NIM inference microservices, making it possible to…


Four Vietnamese nationals linked to the international cybercrime group FIN9 have been indicted for their involvement in a series of computer intrusions that caused over $71 million in losses to companies in the U.S. The defendants, identified as Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong, carried out their cybercrimes from May…


The maker of software used by thousands of car dealerships has reportedly been in negotiations with threat actors over a ransom payment worth tens of millions of dollars. CDK Global has begun to restore its systems and has been in negotiations with threat actors over a ransom payment, purportedly worth tens of millions of dollars,…


Jun 24, 2024NewsroomVulnerability / Artificial Intelligence Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. “The Naptime architecture is centered around the interaction between an AI agent and a target codebase,” Google Project…


An open-source Android malware named ‘Rafel RAT’ is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. Researchers Antonis Terefos and Bohdan Melnykov at Check Point report detecting over 120 campaigns using the Rafel RAT malware. Known threat actors conduct some…


‘As enterprises go through their normal storage refresh, they should be able to uplevel it so instead of having to build specialized environments for AI, they’re able to have their workload data, their existing data that’s sitting in existing environments, accessible for analytics and AI,’ Pure Storage CEO Charles Giancarlo tells CRN. At its recently…


CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors. CoinStats is a comprehensive cryptocurrency portfolio management app with 1,500,000 users. It is used for investment tracking, real-time data, news aggregation, and custom alerts. It also allows users to create…


Actiontec – WCB6200Q: Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of…


Jun 24, 2024NewsroomArtificial Intelligence / Cloud Security Cybersecurity researchers have detailed a now-patch security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE-2024-37032, the vulnerability has been codenamed Probllama by cloud security firm Wiz. Following responsible disclosure on May 5, 2024, the…
