The maker of software used by thousands of car dealerships has reportedly been in negotiations with threat actors over a ransom payment worth tens of millions of dollars. CDK Global has begun to restore its systems and has been in negotiations with threat actors over a ransom payment, purportedly worth tens of millions of dollars,…
Read More
Jun 24, 2024NewsroomVulnerability / Artificial Intelligence Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. “The Naptime architecture is centered around the interaction between an AI agent and a target codebase,” Google Project…
Read More
An open-source Android malware named ‘Rafel RAT’ is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. Researchers Antonis Terefos and Bohdan Melnykov at Check Point report detecting over 120 campaigns using the Rafel RAT malware. Known threat actors conduct some…
Read More
‘As enterprises go through their normal storage refresh, they should be able to uplevel it so instead of having to build specialized environments for AI, they’re able to have their workload data, their existing data that’s sitting in existing environments, accessible for analytics and AI,’ Pure Storage CEO Charles Giancarlo tells CRN. At its recently…
Read More
CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors. CoinStats is a comprehensive cryptocurrency portfolio management app with 1,500,000 users. It is used for investment tracking, real-time data, news aggregation, and custom alerts. It also allows users to create…
Read MoreActiontec–WCB6200Q Actiontec WCB6200Q uh_tcp_recv_content Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Actiontec WCB6200Q routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP server. The issue results from the lack of proper validation of the length of…
Read More
Jun 24, 2024NewsroomArtificial Intelligence / Cloud Security Cybersecurity researchers have detailed a now-patch security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE-2024-37032, the vulnerability has been codenamed Probllama by cloud security firm Wiz. Following responsible disclosure on May 5, 2024, the…
Read More
From Amazon Q Business and AI Agents to new cloud storage and Amazon Bedrock tools, here are the 10 coolest new AWS products launched in 2024 so far. From its new Amazon Q Developer and Business products to new cloud storage and Amazon Bedrock offerings, Amazon Web Services’ product innovation engine has been on fire…
Read More
Organized Cybercrime Groups There are different categories of cybercriminals that can come together to form organized cybercrime groups. These include bored teenagers getting involved in petty online crimes, individual actors primarily motivated by financial gain, politically or ideologically motivated hackers, and fully fledged organized crime syndicates. However, the most sophisticated and damaging cybercrime operations tend…
Read More
Car dealerships across North America are facing ongoing disruptions as software provider CDK Global grapples with the aftermath of a cyberattack Wednesday. The company began restoring its systems Sunday, but the process is expected to take “several days,” reported Bloomberg citing a company statement. “We are continuing to actively engage with our customers and provide…
Read More