Category: AI in news
Cybercriminals have succeeded in stealing the payment card information from over 110,000 animal lovers over several months after meddling with Oregon Zoo’s online ticket payment system. Sensitive information belonging to 117,815 people including their names, payment card numbers, CVV codes, and card expiry dates were stolen after being entered onto the Oregon Zoo’s website by…
Read More
The security benefits of multifactor authentication (MFA) are well-known, yet MFA continues to be poorly, sporadically, and inconsistently implemented, vexing business security managers and their users. Often, MFA users have an extra workflow burden with the additional factors, one of many obstacles to their continued success. And the frequent news stories that describe innovative ways…
Read More
The exponential growth of non-human identities (NHI) — service accounts, system accounts, IAM roles, API keys, tokens, secrets, and other forms of credentials not associated with human users — has created a surge in their inclusion in security incidents and data breaches. Here are three key areas to focus on when you’re building out your…
Read More
Aug 22, 2024Ravie LakshmananBrowser Security / Vulnerability Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. “Type…
Read More
Aug 22, 2024Ravie LakshmananDatabase Security / Cryptocurrency Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that’s designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. “Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords,” Aqua security researcher Assaf Morag said…
Read More
“In the M&A game, rumors are currency. We accept that, and my general response is to ignore them. But what I’ve seen over the past few weeks from a company called Action1 goes far beyond anything I’ve ever experienced in my career, and I feel compelled to set the record straight,” Talpaz wrote in a…
Read More
Email attachments remain one of the most common vectors for delivering malware and other cyber threats. Despite advancements in email security, businesses continue to fall victim to sophisticated attacks that exploit the simplicity of opening an attachment. That’s because email attachments are often used by cybercriminals to deliver a range of malware, including ransomware, banking…
Read More
Protecting emails that contain sensitive data is crucial. The loss of confidential information or customer details can lead to hefty fines, negative publicity, and a significant erosion of customer trust. Unfortunately, email is often a primary target for cyberattacks such as phishing, business email compromise (BEC), and data breaches. Despite the advancements in security technologies,…
Read More
In episode 12 of The AI Fix, Mark and Graham meet an LLM having an existential crisis, ChatGPT speaks Welsh for no reason, Graham does an impression of a water spout, Eric Schmidt shares a new and unexpected take on “do no evil”, and our hosts feel like David Attenborough as they witness herds of…
Read MoreIranian cyberespionage group deploys new BlackSmith malware in sophisticated spear-phishing campaign
A known Iranian APT group has revamped its malware arsenal in a campaign against a prominent Jewish religious figure, security researchers have found. The new toolset, dubbed BlackSmith, bundles most features from the group’s previous tools with a new malware loader and PowerShell-based trojan, and it is likely being used as part of a larger…
Read More