Category: AI in news
Generative AI (GenAI) is being hailed as the most transformative innovation since the rise of the internet in the 1990s. For security, GenAI can revolutionize the field if applied correctly, especially when it comes to threat detection and response. It enhances efficiency and productivity by swiftly processing and delivering critical information when it matters most.…
Read More
Jun 17, 2024NewsroomCyber Espionage / Vulnerability A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense…
Read More
Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts…
Read More
The UPX-packed ELF, apart from DSOP.pdf, has the DISGOMOJI malware payload which, upon execution, reads and exfiltrates system information including IP address, username, hostname, operating system, and the current working directory. Apart from the main functions, DISGOMOJI also downloads a shell script uevent_seqnum.sh, to check for connected USB devices and copy the content of those…
Read MoreUsing LLMs to Exploit Vulnerabilities Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems. However, these agents still perform poorly…
Read More
On the morning of August 30, 2023, a fire broke out at a data center operated by Belgian telecom giant Proximus. Soon, emergency numbers 112, 101, and 100, which are used to call the ambulance, the firefighters, and the police, became unreachable. The situation lasted for almost half an hour before these essential services were…
Read More
Jun 17, 2024NewsroomWeb Security / Malware Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates. “The threat actor employs a multi-stage attack chain involving an infected website, a command-and-control (C2) server, in some cases a fake browser update, and a JScript downloader…
Read More
Perhaps the best way to understand the approach is with an analogy about childhood learning. When we tell toddlers about numbers, they have no idea about how they drive complex human activities (statistical analysis, for instance). Instead, numbers are words learned perhaps by memorizing a song that uses them ( “One, Two, Buckle My Shoe”).…
Read More
Jun 17, 2024NewsroomBotnet / Cryptocurrency Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft…
Read More
As if CSOs didn’t have enough to worry about, how about upwards of four million more ways that cybercriminals could affect businesses — and society in general — through attacks on spacecraft and the infrastructure that develops, launches, and supports them? That’s what a new study from the Ethics + Emerging Sciences Group at California…
Read More