Sep 19, 2024Ravie LakshmananEnterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user…

Read More

Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions. DAVE was created with the help of cybersecurity experts at Trail of Bits, that also audited the E2EE system’s code and implementation. The new system will cover one-on-one audio and…

Read More

Europol and law enforcement from nine countries successfully dismantled an encrypted communications platform called “Ghost,” which was used by organized crime such as drug trafficking and money laundering. Ghost featured advanced security and anonymization features, allowing the purchase of subscriptions with cryptocurrency, featuring three encryption layers, and a message self-destruction system that eliminated evidence from the…

Read More

‘We’ve changed that $1 million or $1.5 million investment, the minimum requirement to have a fine-tuning machine to create ChatGPT, to $50,000. You no longer need three DGX GPUs anymore. You can do it with a single workstation with four workstation GPUs and with two of our aiDAPTIV+ SSDs that are treated as virtual memory…

Read More

Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we dive into some of the…

Read More

Denzil Samuels, one of Cisco Systems’ leaders in customer experience, has left the tech provider to join global solution provider giant NTT Data to help drive multibillion IT services growth, the executive announced on Wednesday. Top Cisco Systems’ customer experience executive Denzil Samuels has left the company to join NTT Data as senior vice president,…

Read More

Image: Midjourney​Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks. INC Ransom is a ransomware-as-a-service (RaaS) operation whose affiliates have targeted public and private organizations since July 2023, including Yamaha Motor Philippines, the U.S. division of Xerox Business Solutions(XBS), and, more recently, Scotland’s National Health…

Read More

‘AI and machine learning will drive more automation in incident management,’ says Chellasamy Jamburajan, CEO of AlertOps. ‘This means that many mundane tasks, such as closing tickets or turning off servers, will become automated reducing the need for human intervention in repetitive processes.’ With a clear focus on enhancing incident management through technology and partnerships,…

Read More

An X account hacking spree has fueled a successful pump-and-dump scheme for the $HACKED Solana token, with people rushing to buy the coin. The hacked accounts include MoneyControl (1.4 million followers), People Magazine (7.8 million), and even EUinmyRegion (an account operated by the European Commission), with close to 100K followers. The hacking spree started at approximately 2:00…

Read More

Image: Midjourney​Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks. INC Ransom is a ransomware-as-a-service (RaaS) operation whose affiliates have targeted public and private organizations since July 2023, including Yamaha Motor Philippines, the U.S. division of Xerox Business Solutions(XBS), and, more recently, Scotland’s National Health…

Read More