Google recently announced the general availability of Duet AI for Developers and Duet AI in Security Operations, marking a significant advancement in the realm of artificial intelligence (AI) designed to bolster productivity for developers and security professionals. Let’s delve deeper into how these innovative AI tools can transform these respective fields. Duet AI for Developers:…
Read More
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads…
Read MoreRoss Anderson Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. (Okay,…
Read More
Video Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result 29 Mar 2024 Remote Desktop Protocol (RDP) turned out to be a lifeline for organizations around the world during the mass shift to remote…
Read More
In a digital era where cyber threats lurk behind every click, Endpoint Detection and Response (EDR) has become the guardian of enterprise security perimeters. As businesses increasingly rely on technology, the need for robust endpoint security measures grows exponentially. This comprehensive overview will delve into the intricate world of EDR, offering clarity on a topic…
Read More
Mar 30, 2024NewsroomMalware / Cryptocurrency Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims’ Macs, but operate with the end goal of stealing sensitive data, Jamf…
Read More
Mar 30, 2024NewsroomLinux / Supply Chain Attack RedHat on Friday released an “urgent security alert” warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-033 DATE(S) ISSUED: 03/29/2024 OVERVIEW: A vulnerability has been discovered in XZ Utils that could allow for remote code execution. XZ is a general-purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. Successful exploitation of this vulnerability could allow for remote code execution in…
Read MoreFriday Squid Blogging: The Geopolitics of Eating Squid New York Times op-ed on the Chinese dominance of the squid industry: China’s domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domestic fishermen around the world…
Read MoreCISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems. CISA recommends developers and users…
Read More