Feb 27, 2024 | Newsroom | Supply Chain Attack / Data Security | Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service and ultimately hijack the models submitted by users, resulting in supply chain attacks. “It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository…
After two years of work, the US National Institute of Standards and Technology (NIST) has issued the 2.0 version of its widely referenced Cybersecurity Framework (CSF), expanding upon the draft 2.0 version it issued in September. The CSF 2.0, cited in President Biden’s National Cybersecurity Strategy and several emerging government cybersecurity policy statements, has shifted…
Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional’s role. Threat intelligence platforms can significantly enhance their ability to do so. Let’s find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload. The modern SOC faces a relentless barrage of security alerts generated…
Feb 27, 2024 | Newsroom | Cloud Security / Threat Intelligence | Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to…
Follow this user-friendly guide for installing SSL on Nginx. Get your SSL certificate ready and use our easy instructions for SSL installation on NGINX web server. Ensuring the safety of your Nginx web server is extremely important for protecting sensitive data. You can boost your site’s trustworthiness and ensure user data confidentiality through robust security…
Feb 27, 2024 | Newsroom | Website Security / Cryptojacking | A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and…
Cost to join: Annual individual membership, $1,250. FirstBoard.io bills itself as a “curated collective of female tech founders, CXOs, and operating leaders working together to increase female representation on company boards” in a variety of industries, including cybersecurity, cloud, enterprise software, artificial intelligence, robotics, and internet of things. Founded in 2020 by Rita Scroggin, an…
Malware, a term encompassing harmful software, poses threats from viruses to ransomware. It extends beyond desktops to mobile devices, emphasizing the need for robust protection. From spyware to adware, different malware types exploit vulnerabilities differently. Detection involves visible symptoms and antivirus software, while removal strategies include disconnecting from the internet, running a malware scanner, and…
A group of attackers targeting Ukraine-affiliated organizations has been delivering malicious payloads hidden within the pixels of image files. Known as steganography, it is just one of many advanced techniques the group uses to evade detection as part of a malware loader known as IDAT. Tracked as UAC-0184 by several security firms, as well as…
Always be wary of opening unsolicited attachments – they might harbour malware. That’s a message that is being strongly underlined once again, following the discovery of a cybercrime campaign that is using the cover of travel service providers. Security researchers at Forcepoint say that they have uncovered evidence that malicious hackers are sending out poisoned…