Generative AI in cybersecurity presents both significant benefits and serious risks. Popular AI tools like ChatGPT and DALL-E2 enhance data analytics, customer service, and threat detection, simplifying complex tasks and addressing talent shortages. However, they also empower hackers to automate attacks, create advanced malware, and evade traditional defenses. Experts stress the need for robust data…
Read More
Russian cybersecurity company and antivirus software provider Kaspersky Lab will start shutting down operations in the United States on July 20. In a statement to BleepingComputer, the company also confirmed that it will lay off its U.S.-based employees. Independent cybersecurity journalist Kim Zetter first reported that this will affect “less than 50 employees in the…
Read More
‘The more willingness to have conversations and to do research, [that will] help sellers down the line as they think about the right fit for them,’ says Sydney Hockett, vice president of Evergreen Services Group. When it comes to selling an MSP business, owners have a lot of options. Merging or selling to a holding…
Read More
The Iranian-backed MuddyWatter hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems. Dubbed BugSleep, this new backdoor is still actively being developed and was discovered by analysts at Check Point Research while being distributed via well-crafted phishing lures. The campaign pushes the malware…
Read MoreHacking Scientific Citations Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, and page numbers of the cited publication. These details are stored as metadata, not…
Read MoreAdobe–Bridge Bridge versions 14.0.4, 13.0.7, 14.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. 2024-07-09 7.8 CVE-2024-34139psirt@adobe.com Adobe–InDesign Desktop InDesign Desktop versions…
Read More
Jul 15, 2024NewsroomSupply Chain Attack / Cyber Threat Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the GitHub Personal Access Token, said the secret was…
Read More
‘For Google, this would be a shot across the bow at Microsoft and Amazon, making a major bet on the cybersecurity space to complement its flagship GCP offering in the cloud,’ says Wedbush Securities analyst Dan Ives. Here are five key things to know about Google’s potential $23 billion bid for red-hot security startup Wiz.…
Read More
Microsoft has provided a temporary workaround for a known issue preventing the Microsoft Photos app from launching on some Windows 11 systems. The company says this bug impacts devices running Windows 11 22H2 and 23H2, on which the “Prevent non-admin users from installing packaged Windows apps” or the BlockNonAdminUserInstall Configuration Service provider (CSP) policies are…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog…
Read More