Posted inNews
From Dark Reading – Skynet Ahoy? What to Expect for Next-Gen AI Security Risks
The innovation that ChatGPT and other LLMs demonstrate is a good thing, but safeguards and other security frameworks must keep pace. Read More
Posted inNews
From Cyber Security News – Yakult Confirms Cyber Attack: Over 95 GB of data Leaked on Dark Web
The biggest producer of probiotic drinks in the world, Yakult, was the target of a significant that exposed private data and corporate records on the dark web. The threat actor…
Posted inNews
From The Hacker News – Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges.
"An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to
Posted inToolkit
From Security Week – The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead
While AI can significantly bolster defense mechanisms, it also equips adversaries with powerful tools to launch sophisticated cyberattacks. The post The Emerging Landscape of AI-Driven Cybersecurity Threats: A Look Ahead…
Posted inResearch
From Schneier on Security – AI and Lossy Bottlenecks
Artificial intelligence is poised to upend much of society, removing human limitations inherent in many systems. One such limitation is information and logistical bottlenecks in decision-making. Traditionally, people have been…
Posted inBreaches
From Security Week – LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company
LoanCare is informing 1.3 million individuals that their personal information was compromised in a data breach. The post LoanCare Notifying 1.3 Million of Data Breach Following Cyberattack on Parent Company …
Posted inBreaches
From Dark Reading – Saudi Arabia Strengthens Its Cybersecurity Posture
The country is facing a skills shortage and increased attacks, but its cyber plans are rapidly developing. Read More
Posted inNews
From Security Week – Ohio Lottery Hit by Ransomware, Hackers Claim Theft of Employee and Player Data
The DragonForce ransomware group has taken credit for the Ohio Lottery hack, claiming to have stolen millions of data records. The post Ohio Lottery Hit by Ransomware, Hackers Claim Theft…
Posted inNews
From The Hacker News – Most Sophisticated iPhone Hack Ever Exploited Apple’s Hidden Hardware Feature
The Operation Triangulation spyware attacks targeting Apple iOS devices leveraged never-before-seen exploits that made it possible to even bypass pivotal hardware-based security protections erected by the company.
Russian cybersecurity firm Kaspersky, which discovered the campaign at the beginning of 2023 after becoming one of the targets, described it as
Posted inNews
From Security Week – Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones
iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek. Read…
Posted inNews
From Cyber Security News – Hackers’ Leaksmas Darkweb Event Exposes Massive Hacked Data
As carols resonated in the air and families convened, the cyber underworld ushered in a chilling twist to Christmas – ‘Leaksmas,’ a season marked by rampant data dumps targeting individuals…
Posted inNews
From Security Week – Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ
The new Barracuda ESG zero-day CVE-2023-7102 has been used by Chinese hackers to target organizations in the US and APJ region. The post Barracuda Zero-Day Used to Target Government, Tech…
Posted inNews
From Cyber Security News – Top 10 Vulnerabilities That Were Exploited the Most In 2023
Several vulnerabilities have been identified and exploited by threat actors in the wild this year for several malicious purposes, such as Ransomware, cyber espionage, data theft, cyberterrorism, and many nation-state-sponsored…
Posted inNews
From The Hacker News – New Rugmi Malware Loader Surges with Hundreds of Daily Detections
A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms.
Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi.
"This malware is a loader with three types of components: a downloader that downloads an
Posted inNews
From The Hacker News – Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack
A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections.
The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.8) that was