Category: AI in news
More of Microsoft’s clients are being warned that emails they exchanged with the company were accessed by Russian hackers who broke into its systems and spied on staff inboxes. In January, Microsoft revealed that members of the “Midnight Blizzard” hacking group (also known as APT29 or Cozy Bear) had compromised the tech giant’s systems in…
Read More
Jun 28, 2024NewsroomCyber Espionage / Cyber Attack The North Korea-linked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that’s designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the…
Read More
“On Wednesday, June 26th, our security team detected an irregularity in TeamViewer’s internal corporate IT environment,” TeamViewer said in its initial update. “We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures.” The company assured users that “TeamViewer’s internal corporate…
Read More
Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in versions 17.1.1, 17.0.3,…
Read More
Check out why memory vulnerabilities are widespread in open source projects. Plus, get the latest on the ransomware attack that’s disrupted car sales in North America. In addition, find out why a majority of organizations grew their cyber budgets this year. And learn how confidential data from U.S. chemical facilities may have been accessed by…
Read More
Jun 28, 2024NewsroomMalware / Cryptocurrency Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. “The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid…
Read MoreJames Bamford on Section 702 Extension Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA). Tags: FISA, national security policy, NSA, privacy, surveillance Posted on June 28, 2024 at 7:04 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source…
Read More
CompTIA Cloud+ Unlike most others on this list, the CompTIA Cloud+ certification provides more general training on the cloud. Still, cloud security features prominently in its curriculum: Candidates will learn vulnerability management, compliance adherence, and security controls. Because CompTIA Cloud+ also provides instruction in cloud architecture, deployment, operations, troubleshooting, and DevOps fundamentals, it may…
Read More
Jun 28, 2024NewsroomIndustrial Security / Critical Infrastructure Multiple security flaws have been disclosed in Emerson Rosemount gas chromatographs that could be exploited by malicious actors to obtain sensitive information, induce a denial-of-service (DoS) condition, and even execute arbitrary commands. The flaws impact GC370XA, GC700XA, and GC1500XA and reside in versions 4.1.5 and prior. According to…
Read More
Jun 28, 2024NewsroomData Breach / Enterprise Security TeamViewer on Thursday disclosed it detected an “irregularity” in its internal corporate IT environment on June 26, 2024. “We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures,” the company said in a…
Read More