Category: AI in news
Some years ago, my cyber team at my prompting had T-shirts prepared for an offsite meeting. They were bright pink (not black) and said, “Cyber Rock Star.” We wore our T-shirts proudly, and the team was very successful, as a group and individually. To fix issues brought about by the cybersecurity talent gap, we have…
Read More
Jul 26, 2024Mohit KumarEnterprise Security / Network Security CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July…
Read More
What is DNSSEC? The Domain Name System Security Extensions (DNSSEC) is a set of specifications that extend the Domain Name System (DNS) protocol by adding cryptographic authentication for responses received from authoritative DNS servers. Its goal is to defend against attack techniques such as DNS spoofing and hijacking attacks that direct computers to rogue websites…
Read More
Jul 26, 2024NewsroomSoftware Security / Vulnerability Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. “In Progress Telerik Report Server…
Read MoreThe CrowdStrike Outage and Market-Driven Brittleness Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cost will take time. The outage affected more than 8.5 million Windows…
Read More
The US Department of Homeland Security has unveiled a dog-like robot that it says has been adapted to jam the connectivity of smart home devices. The DHS’s purchase of “NEO,” developed by Ghost Robotics, was announced to attendees during a speech at the Border Security Expo in Texas, according to a report by 404 Media,…
Read More
SEXi? Seriously? What are you talking about this time? Don’t worry, I’m not trying to conjure images in your mind of Rod Stewart in his iconic leopard print trousers. Instead, I want to warn you about a cybercrime group that has gained notoriety for attacking VMware ESXi servers since February 2024. Excuse me for not…
Read More
Most security companies say they use artificial intelligence to help thwart cyber-attacks, but what they really mean can vary dramatically. So how can organization’s vet providers’ claims in this area? In this piece, we’ll look under the covers at how best to use AI in one of the most critical cyber security realms: extended detection…
Read More
Jul 25, 2024NewsroomMalware / Cyber Espionage A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps…
Read More
“An attacker could exploit a bypass using an API request with Content-Length set to 0, causing the Docker daemon to forward the request without the body to the AuthZ plugin, which might approve the request incorrectly,” Docker said in the advisory. The AuthZ plugin would have otherwise denied the request if the body had been…
Read More