Jul 18, 2024NewsroomOpen-Source / Cybercrime Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future’s Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across…

Read More

Jul 18, 2024NewsroomCloud Security / Enterprise Security Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The…

Read More

We’re now more than halfway through 2024, and it’s clear that the year is already shaping up to set new records for ransomware, with a wide range of high-profile organizations coming under attack. Therefore, it’s more important than ever for businesses to ensure they have the right tools in place to protect against these threats.…

Read More

Tenable®, the Exposure Management company, today announced that it has launched a Public Sector Advisory Board (PSAB) for the U.S. market. Inaugural members include Rob Joyce, former Director of Cybersecurity at the National Security Agency (NSA) and Mark Weatherford, former first Deputy Under Secretary for Cybersecurity at the Department of Homeland Security (DHS). They will…

Read More

When users then click on the rewritten link, the server runs a check to see if the link points to a known phishing or malware website and based on the result, either blocks access to it or redirects the request to the final destination. The benefit is that if a website is flagged as malicious…

Read More

Jul 18, 2024NewsroomArtificial Intelligence / Data Protection Meta has suspended the use of generative artificial intelligence (GenAI) in Brazil after the country’s data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the tools while…

Read More

Jul 18, 2024Newsroom Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. “This vulnerability is…

Read More

Limit access and federation between on-prem and cloud One should limit access and federation between on-premises and cloud assets where one can. Yes, we’ve built up reliance on this ability to share data and authentication between cloud assets and on-premises, but too often it’s also introducing weaknesses. A recent ProPublica article claims that a whistleblower…

Read More

Social media fuels conspiracies galore after Donald Trump is shot at a rally, cryptocurrency websites are hijacked after a screw-up at Squarespace, and our guest takes a close look at bottoms on Instagram. All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley…

Read More

The latest startup acquired by Nvidia is Brev.dev, which helps AI developers find the most cost-effective GPU compute across cloud providers. This comes after Nvidia acquired two other startups with the explicit purpose of expanding the capabilities of its DGX Cloud service. Nvidia has bought a startup that helps AI developers find the most cost-effective…

Read More