Category: AI in news
May 23, 2024NewsroomRansomware / Virtualization Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed. “Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse,” cybersecurity firm…
Read More
May 23, 2024NewsroomCyber Espionage / Network Security The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign. “The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while…
Read More
“This is something that worries, above all, the smaller players who are struggling with how to solve it. Do they have to be staffed 24/7? The larger players who are used to tough regulations cope better,” says Rönn. And even though the time to prepare for DORA is running out, not all technical regulations have…
Read More
Fake code, inflated prices Researchers at CloudSEK analyzed approximately 25,000 posts on Telegram, many of which claimed to sell authentic Pegasus code, the statement added. These posts often followed a common template offering illicit services, with frequent mention of Pegasus and NSO tools. CloudSEK researchers went a step further, engaging with over 150 potential sellers.…
Read More
A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud scams. Malachi Mullings, a 31-year-old from Sandy Springs, Georgia, was charged with opening 20 bank accounts in the name of a sham company, The…
Read More
Context is critical in cloud security. In a recent RSA presentation, Tenable’s Shai Morag offered ten tips for end-to-end cloud infrastructure security. At the recent RSA Conference, Shai Morag, SVP and GM of Cloud Security at Tenable, led the session titled “Cloud Security Novice to Native in 10 Steps: A CNAPP Approach,” which delved into…
Read More
May 23, 2024NewsroomCyber Espionage / Network Security Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. “An analysis of this threat actor’s activity reveals long-term espionage operations…
Read MorePersonal AI Assistants and Privacy Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything…
Read More
Tenable reported the issue to the project’s maintainers on April 30, and they responded by developing a patched version of the technology, Fluent Bit 3.0.4, released May 21. Fluent Bit’s developers urged technology providers to update “immediately to keep your systems stable and secure” in a statement on their website. Vulnerabilities in cloud-based systems are…
Read More
The attack didn’t target grid operations but could have Experts say the apparent financial motivation leads them to believe the attackers were not targeting grid operations. “Those bad guys were looking for compute devices that they could use to do computer internet-related types of extortion,” Thomas Tansy, CEO of DER Security, tells CSO. “From that…
Read More