Category: AI in news
Nearly 7% of Internet Traffic Is Malicious Cloudflare reports on the state of applications security. It claims that 6.8% of Internet traffic is malicious. And that CVEs are exploited as quickly as 22 minutes after proof-of-concepts are published. News articles. Tags: denial of service, malware, spam, vulnerabilities Posted on July 31, 2024 at 11:55 AM…
Read More
Jul 31, 2024Ravie LakshmananWeb Security / Compliance Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the…
Read More
Jul 31, 2024Ravie LakshmananMalware / Software Development The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea,…
Read More
As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP “In Process,” can help. As part of the federal government’s cloud-first policy, agencies are increasingly adopting cloud computing to modernize their infrastructure and more effectively perform their missions. One key aspect…
Read More
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock. Your Web browser knows how to find a site like…
Read More
Cybercriminals looking to abuse the power of generative AI to build phishing campaigns and sophisticated malware can now purchase easy access to them from underground marketplaces as large numbers of threat actors are putting stolen GenAI credentials up for sale every day. Hackers are selling usernames and passwords of approximately 400 individual GenAI accounts per…
Read More
Jul 31, 2024Ravie LakshmananCyber Attack / Threat Intelligence Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years. Israeli cybersecurity…
Read More
Jul 31, 2024Ravie LakshmananMobile Security / Malware A new malicious campaign has been observed making use of malicious Android apps to steal users’ SMS messages since at least February 2022 as part of a large-scale campaign. The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account…
Read More
7. Data exfiltration Frequently overlooked, data exfiltration is a significant cloud security threat. “Data exfiltration refers to the electronic transmission of data from a cloud environment to an unauthorized external location,” says John Henley, principal consultant at technology research and advisory firm ISG. “This could occur in several ways, including the exploitation of a vulnerability,…
Read More
Jul 31, 2024Ravie LakshmananPrivacy / Social Media Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the…
Read More