Category: AI in news
A failure to consider cybersecurity when it comes to engaging in an M&A deal, as Winzer put it, is like driving blind without any mirrors. “You can be very easily attacked and become prey to cyber attackers, and if that were to happen what’s at stake is business operations, being able to run the company…
Read More
Information security analyst/administrator Information assurance security officer Information security manager/specialist Information systems security engineer/manager Information security professionals/officers Information security/IT auditors Risk/threat/vulnerability analyst System administrators Network administrators and engineers This is, of course, over and above jobs that actually have “ethical hacker” or “penetration testing” or the like in their title, which are more glamorous but…
Read More
Unsanitized RPC function calls The vulnerability is located in PyTorch’s distributed Remote Procedure Call (RPC) component, torch.distributed.rpc. The component facilitates inter-process communication between the various nodes involved in distributed training scenarios, in which a task is distributed between multiple deployments that function as workers and is controlled from a master node. When using RPC, workers…
Read More
Most Snowflake customers can heave a sigh of relief: The cloud data platform’s systems do not appear to have been compromised, cybersecurity researchers at Mandiant reported Monday. But they may have to make changes to how they authenticate to Snowflake all the same, as company is considering making multifactor authentication mandatory to access its systems.…
Read More
Secondary threats The exposure of source code held in repositories like this could reveal vulnerabilities that attackers can exploit to launch further attacks, security experts warned. “As well as the potential for risk to individuals through exposed PII [personally identifiable information], the leak also increases the risk to the NYT of further targeted intrusions through…
Read More
Jun 10, 2024NewsroomPhishing Attack / Cybercrime Cybersecurity researchers have spotted a phishing attack distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago. The attack, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, Canadian cybersecurity firm eSentire disclosed last…
Read More
Google has revealed that it took down 1,320 YouTube channels and 1,177 Blogger blogs as part of a coordinated influence operation connected to the People’s Republic of China (PRC). “The coordinated inauthentic network uploaded content in Chinese and English about China and U.S. foreign affairs,” Google Threat Analysis Group (TAG) researcher Billy Leonard said in…
Read More
Staying Sharp: Cybersecurity CPEs Explained Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats. To ensure you stay on top of your game, many certification programs require earning Continuing Professional Education (CPE) credits. CPEs are essentially units of measurement used to quantify the time and effort professionals spend on…
Read MoreExploiting Mistyped URLs Interesting research: “Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains“: Abstract: Web users often follow hyperlinks hastily, expecting them to be correctly programmed. However, it is possible those links contain typos or other mistakes. By discovering active but erroneous hyperlinks, a malicious actor can spoof a website or service, impersonating the…
Read More
Morocco as an emerging cybercrime originator Although cybercrime operations are a global phenomenon, most financially motivated cybercriminals operate from a well-understood list of countries, including China, Russia, Ukraine, the US, Romania, and Nigeria. But at this year’s Sleuthcon, a new nation emerged that threatens to break into the ranks of top cybercrime havens: Morocco. Microsoft…
Read More