Category: AI in news
Aug 21, 2024Ravie LakshmananCyber Espionage / Threat Intelligence In what’s a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone…
Read More
Semiconductor firms are appealing targets due to the high value of their intellectual property (IP), sensitive manufacturing processes, and their critical role in global supply chains. The complexity and precision involved in chip manufacturing mean that any disruption — whether through data theft, ransomware, or system sabotage — can have far-reaching consequences, impacting not just…
Read More
“Let’s say someone is using those providers and they happen to have a common identity platform, maybe SailPoint. If SailPoint is passing a data stream to AWS and Microsoft and maybe others, it could permit access to all that client’s information in one of those hyperscaler environments. It might allow limited data access in the…
Read More
Other than scanning huge amounts of data for potential threats, the technology comes in handy at sniffing out anomalies. By analyzing patterns and behaviors, GenAI can pinpoint suspicious activities, an ability well realized by Darktrace, a cybersecurity company that uses GenAI to understand normal network behavior and identify deviations. “GenAI can efficiently handle many tasks…
Read More
Aug 21, 2024Ravie LakshmananCyber Warfare / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the…
Read More
Louis Blackburn, operations director at global ethical hacker and red team cybersecurity solutions provider CovertSwarm, commented: “In order to combat this [RMM abuse] tactic, organizations need to focus on endpoint hardening and reducing their attack surface.” “Implementing application control measures, such as Windows Defender Application Control (WDAC) or AppLocker, will act as a primary line…
Read More
Aug 21, 2024Ravie LakshmananWordPress / Cybersecurity A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August…
Read More
‘Sadly, we have made the very difficult decision to say painful goodbyes to some of our team members,’ Five9 CEO Mike Burkland said in an email to employees. Five9 has revealed plans to lay off about 7 percent of its workforce, totaling less than 200 people based on the vendor’s 2,684 full-time employee count as…
Read More
The “very low adoption rate” is “really alarming,” Microsoft program manager Sourish Deb said in a call with partners. Microsoft is warning partners to update their code for new application programming interface by Sept. 30 to avoid service disruption – with a Microsoft representative revealing on a recent call with solution providers that less than…
Read More
Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out…
Read More