Category: AI in news
When confirming details of a massive data breach of about 110 million customers, AT&T on Friday also revealed that it became apparently the first enterprise to be given permission to initially keep breach details secret, and then was cleared to publish. The incident itself — which AT&T said stemmed from a series of Snowflake attacks…
Read MoreWhat’s RansomHub? Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. It operates a ransomware-as-a-service (RaaS) operation, meaning that a central core of the group creates and maintains the ransomware code and infrastructure, and rents it out to other cybercriminals who act as affiliates. How…
Read MoreFriday Squid Blogging: 1994 Lair of Squid Game I didn’t know: In 1994, Hewlett-Packard released a miracle machine: the HP 200LX pocket-size PC. In the depths of the device, among the MS-DOS productivity apps built into its fixed memory, there lurked a first-person maze game called Lair of Squid. […] In Lair of Squid, you’re…
Read MoreAmerican telecom service provider AT&T has confirmed that threat actors managed to access data belonging to “nearly all” of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. “Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25,…
Read MoreCybersecurity Snapshot: CISA Tells Tech Vendors To Squash Command Injection Bugs, as OpenSSF Calls on Developers To Boost Security Skills
- by nlqip
Check out CISA’s call for weeding out preventable OS command injection vulnerabilities. Plus, the Linux Foundation and OpenSSF spotlight the lack of cybersecurity expertise among SW developers. Meanwhile, GenAI deployments have tech leaders worried about data privacy and data security. And get the latest on FedRAMP, APT40 and AI-powered misinformation! Dive into six things that…
Read MoreSecurity intelligence firm Group-IB reports that attackers from a recently created ransomware group – EstateRansomware – exploited a year old vulnerability (CVE-2023-27532) in backup software from Veeam as part of a complex attack chain. Anatomy of an attack EstateRansomware exploited a dormant account in Fortinet FortiGate firewall SSL VPN appliances to gain initial access. After…
Read MoreThe phrase “may have been” signals that JAXA officials are still not certain what was and was not accessed. The agency also shared a cryptic comment that “In the course of taking the above measures and strengthening monitoring, we have detected and responded to multiple unauthorized accesses to JAXA’s network since January of this year—including…
Read MoreJul 11, 2024NewsroomVulnerability / Enterprise Security Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that…
Read MoreApple Is Alerting iPhone Users of Spyware Attacks Not a lot of details: Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92…
Read MoreGoogle reportedly has walked away from a potentially massive deal to buy CRM provider HubSpot, a merger that would have helped Google Cloud. Google reportedly has abandoned its plans to acquire CRM specialist HubSpot, axing a potential deal that would have been worth billions and aided Google Cloud. HubSpot generated over $2 billion in revenue…
Read MoreRecent Posts
- Global infostealer malware operation targets crypto users, gamers
- Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
- Ukraine Bans Telegram Use for Government and Military Personnel
- LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO
- False claims of hacked voter data – Week in security with Tony Anscombe