Category: AI in news
Aug 22, 2024Ravie LakshmananHardware Security / Supply Chain Attack Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was…
Read More
Aug 22, 2024Ravie LakshmananNetwork Security / Zero-Day Details have emerged about a China-nexus threat group’s exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399…
Read More
CEO Sridhar Ramaswamy dives into Cortex AI and Iceberg customer momentum, the impact of Snowflake’s recent cyberattack and how AI will ‘c ontribute materially to revenue’ in 2025 . CEO Sridhar Ramaswamy was bullish about his company’s AI future during Snowflake’s Q2 earnings report on Wednesday, while also downplaying his company’s recent cyberattack and unveiling…
Read More
Aug 22, 2024Ravie LakshmananCloud Security / Application Security As many as 15,000 applications using Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications. That’s according to findings from Israeli cybersecurity company Miggo, which dubbed the problem…
Read More
A production partner of Netflix has suffered a serious security breach which has resulted in yet-to-be-released episodes of popular shows to be leaked online. As Variety reports, the security breach occurred at media localisation company Iyuno which confirmed on August 9 that it had suffered a “security issue, involving unauthorized access to confidential content.” Iyuno…
Read More
Cybercriminals have succeeded in stealing the payment card information from over 110,000 animal lovers over several months after meddling with Oregon Zoo’s online ticket payment system. Sensitive information belonging to 117,815 people including their names, payment card numbers, CVV codes, and card expiry dates were stolen after being entered onto the Oregon Zoo’s website by…
Read More
The security benefits of multifactor authentication (MFA) are well-known, yet MFA continues to be poorly, sporadically, and inconsistently implemented, vexing business security managers and their users. Often, MFA users have an extra workflow burden with the additional factors, one of many obstacles to their continued success. And the frequent news stories that describe innovative ways…
Read More
The exponential growth of non-human identities (NHI) — service accounts, system accounts, IAM roles, API keys, tokens, secrets, and other forms of credentials not associated with human users — has created a surge in their inclusion in security incidents and data breaches. Here are three key areas to focus on when you’re building out your…
Read More
Aug 22, 2024Ravie LakshmananBrowser Security / Vulnerability Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. “Type…
Read More
Aug 22, 2024Ravie LakshmananDatabase Security / Cryptocurrency Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. “Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords,” Aqua security researcher Assaf Morag said…
Read More