Category: AI in news
TD Synnex, Skyhigh Security, Leidos, Microsoft, NetApp and Salesforce were among the tech companies making key executive hires and moves in August 2024. A chief information security officer at TD Synnex. A chief technology officer at Skyhigh Security. And a chief data officer at Leidos. Alicia Lynch, formerly with Cognizant; Steve Tait, formerly with Snow…
Read More
With patches out for three years, attackers have set their sights on a pair of vulnerabilities affecting DrayTek VigorConnect. Background In November 2021, the Cybersecurity and Infrastructure Security Agency (CISA) launched its Known Exploited Vulnerabilities (KEV) Catalog, an effort to focus on vulnerabilities known to have been exploited and provide defenders with an actionable list…
Read More
Cybersecurity teams must beware of RansomHub, a surging RaaS gang. Plus, North Korea has unleashed sophisticated social-engineering schemes against crypto employees. Meanwhile, a new SANS report stresses the importance of protecting ICS and OT systems. And a Tenable poll sheds light on cloud-native VM. And much more! Dive into six things that are top of…
Read More
“We want to provide the resources that empower businesses to scale,” AWS GM Miguel Alava said in a statement. Amazon Web Services has launched a Global Passport Program aimed at growing a select number of software partners’ business internationally, promising to connect these vendors to regional resellers and distributors to build local market pipelines. Aimed…
Read More
Frontier has a market capitalization of about $10 billion with its stock trading at about $39 a share after market hours Wednesday, up about 11 percent. Verizon is reportedly in talks to buy rival Frontier Communications to grow its fiber network and better compete with AT&T and other rivals. The Basking Ridge, N.J.-based telecommunications vendor…
Read More
North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for Windows and…
Read More
“The problem is that while this is being discussed, attackers can already use this method to gain code execution on many PyPI users as we’ve demonstrated.” Advice for CISOs, app leaders Infosec leaders should warn their staff that a new version of a package can potentially include malicious code, he said, even if the last…
Read More
Sep 04, 2024Ravie Lakshmanan A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing…
Read More
Sep 04, 2024The Hacker NewsSaaS Security / Browser Security Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, “Why Account Takeover Attacks Still Succeed, and Why…
Read MoreSecurity Researcher Sued for Disproving Government Statements This story seems straightforward. A city is the victim of a ransomware attack. They repeatedly lie to the media about the severity of the breach. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher. Let’s hope the judge throws…
Read More