Category: AI in news
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with…
Read More
Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2,…
Read More
Chief information security officers (CISOs) understand the importance of having an incident response plan in place to help decrease the impact of a cyberattack. That’s because despite increased awareness and evolving security technology and practices, cyber threats continue to grow in both volume and sophistication. Microsoft security researchers have seen a 130.4% increase in organizations that have…
Read MoreFriday Squid Blogging: Squid Trackers A new bioadhesive makes it easier to attach trackers to squid. Note: the article does not discuss squid privacy rights. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: privacy,…
Read More
Vulnerability exploits the difference between DOS and NT paths When someone is asked to type the path to a file on a Windows system, they are likely to type something of the form C:directorysubdirectoryfile.txt. This is known as a DOS-style file path and has been the most common way to represent a file’s location ever…
Read More
In the fast-paced realm of modern business, adaptation is key. As organizations transition to hybrid work models and embrace cloud-based operations, the very fabric of how we work has transformed – opening doors to more security risks. With more freelancers, contractors, and BYOD programs accessing corporate applications (like web and SaaS applications) via their own…
Read More
Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. “Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia,” cybersecurity agencies from the…
Read More
US-based human plasma collector, tester, and supplier Octapharma Plasma may have been experiencing a ransomware attack pushing the company into operational shutdown, according to a report by The Register. An unnamed source familiar with the situation reportedly said that Octapharma Plasma fell victim to a BlackSuit ransomware infection on Monday, disrupting operations for its US-based…
Read More
Apr 19, 2024NewsroomCyber Espionage / Threat Intelligence Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a…
Read More
The vulnerability impacts the Cisco 5000 Series Enterprise Network Compute Systems (ENCS), Catalyst 8300 Series Edge uCPE, UCS C-Series Rack Servers in standalone mode and UCS E-Series Servers in default configurations. Many other products and appliances that are based on UCS C-Series servers are also affected if the IMC CLI was explicitly configured to be…
Read More