Category: AI in news
In the 2023 data breach, the attackers specifically accessed and exfiltrated the customer proprietary network information (CPNI) data which pertains to critical subscribers’ information maintained by the telecommunication companies in the US. The CPNI consists of information on the services used, the amount paid for the services, and the type of usage opted for. The…
Read More
Apr 01, 2024NewsroomBotnet / Mobile Security Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN’s Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang…
Read More
It’s just an unfortunate reality that it took a skills shortage for the cybersecurity industry to realize that bias recruitment has long been a problem and it needs to be addressed for the workforce to be more diverse, according to Michael Page Australia regional director George Kauye. “I think most of us in the workforce…
Read More
Google recently announced the general availability of Duet AI for Developers and Duet AI in Security Operations, marking a significant advancement in the realm of artificial intelligence (AI) designed to bolster productivity for developers and security professionals. Let’s delve deeper into how these innovative AI tools can transform these respective fields. Duet AI for Developers:…
Read More
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads…
Read MoreRoss Anderson Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. (Okay,…
Read More
Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims’ Macs, but operate with the end goal of stealing sensitive data, Jamf…
Read More
Mar 30, 2024NewsroomLinux / Supply Chain Attack RedHat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score…
Read MoreFriday Squid Blogging: The Geopolitics of Eating Squid New York Times op-ed on the Chinese dominance of the squid industry: China’s domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domestic fishermen around the world…
Read More
Mar 29, 2024NewsroomReverse Engineering / RFID Security Security vulnerabilities discovered in Dormakaba’s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana.…
Read More