News
-
"Microsoft's 'AI Watchdog' Defends Against New LLM Jailbreak Method"Microsoft has discovered a new method for jailbreaking Large Language Model (LLM) Artificial Intelligence (AI) tools and has revealed its continued efforts to improve LLM safety and security.
-
"The Future of Online Security Safeguarded by AI and Metasurfaces"A team of researchers at Pohang University of Science and Technology (POSTECH) significantly advanced online security by integrating an Artificial Intelligence (AI)-based metasurface with oblique helicoidal cholesteric liquid crystals.
-
"Cisco Duo's Multifactor Authentication Service Breached"A social engineering attack has compromised a third-party provider responsible for handling telephony for Cisco's Duo Multi-Factor Authentication (MFA) service. Cisco Duo customers have been warned to be on the lookout for follow-on phishing attacks.
-
"New Open-Source Project Takeover Attacks Spotted, Stymied"The OpenJS Foundation has thwarted a "credible takeover attempt" similar to the one that resulted in a backdoor being put in the open source XZ Utils package by someone called "Jia Tan." The malicious maintainer achieved that position through a success
-
"TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks"The threat actor known as "TA558" has been using steganography as an obfuscation method in the delivery of a variety of malware, including Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, XWorm, and more.
-
"PuTTY SSH Client Flaw Allows Recovery of Cryptographic Private Keys"Fabian Baumer and Marcus Brinkmann from Ruhr University Bochum discovered a vulnerability in PuTTY 0.68 through 0.80 that enables attackers with access to 60 cryptographic signatures to recover the private key used to generate them.
-
"Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare"The "RansomHub" ransomware group is now publishing data allegedly stolen from the healthcare transaction processor Change Healthcare in February. The incident disrupted Change Healthcare's operations and caused healthcare system outages.
-
"Report Suggests 93% of Breaches Lead to Downtime and Data Loss"According to security researchers at Pentera, a substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss.
-
"LeakyCLI Flaw Exposes AWS and Google Cloud Credentials"A new security flaw, dubbed "LeakyCLI" by the Orca Security team, impacts command-line tools used in cloud environments.
-
"Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges"Recently, Shakeeb Ahmed, a former senior security engineer, was sentenced to three years in prison for hacking and defrauding two cryptocurrency exchanges.
-
"Security Vulnerability in Browser Interface Allows Computer Access via Graphics Card"Researchers from the Institute of Applied Information Processing and Communications at Graz University of Technology (TU Graz) successfully demonstrated three side-channel attacks on graphics cards via the WebGPU browser interface.
-
"Web3 Game Developers Targeted in Crypto Theft Scheme"A Russian threat actor is targeting game developers with fraudulent Web3 gaming projects that install multiple variants of infostealers on macOS and Windows devices.