Infostealer malware developers released updates claiming to bypass Google Chrome’s recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. App-Bound Encryption was introduced in Chrome 127 and is designed to encrypt cookies and stored passwords using a Windows service that runs with system privileges. This model does not allow infostealer malware, which runs with the…
Read More
In an email campaign targeting French users, researchers discovered malicious code believed to have been created with the help of generative artificial intelligence services to deliver the AsyncRAT malware. While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards…
Read More
From elections to ransomware, CISA Director Jen Easterly breaks down the threats to America’s critical infrastructure and what’s being done to stop them, sharing along the way her journey from the real-life battlefield to the frontlines of cybersecurity. A rare glimpse into the most pressing threats America faces—and a compelling story about Director Easterly’s own…
Read More
‘Without data, the systems are useless. We see this much like what cloud was in the early eras, where cloud was a distinct silo, the on-premises world was a distinct silo, and you needed to bridge the two,’ says NetApp CEO George Kurian. At The Intersection Of Data And Intelligence While businesses have been digitizing…
Read More
CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. Tracked as CVE-2024-7593, this auth bypass flaw is caused by an incorrect implementation of an authentication algorithm that lets remote unauthenticated attackers circumvent authentication on Internet-exposed…
Read More
‘When we speak to our customers and partners, they are choosing Google Cloud as their strategic GenAI partner and platform for four distinct reasons,’ says Google Cloud CEO Thomas Kurian. Google Cloud CEO Thomas Kurian is bullish about his company’s new AI launches around Gemini, Google Workspace and cybersecurity today, as he says customers of…
Read MoreTry Tenable Web App Scanning Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.…
Read More
Sep 24, 2024Ravie LakshmananMobile Security / Malware Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded…
Read More
Aruba’s senior vice president of worldwide sales says integrating the Aruba networking channel team into HPE’s global sales organization is poised to power a new era of AI and security growth for HPE partners. Aruba Senior Vice President of Worldwide Sales Alain Carpentier said integrating the Aruba channel networking team into HPE is priming the…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-7593 Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of…
Read More