"Maximum Severity Flowmon Bug Has a Public Exploit, Patch Now"

Proof-of-Concept (PoC) exploit code has been released for a severe security vulnerability in Progress Flowmon, a tool used to monitor network performance and support visibility. Progress Flowmon features performance tracking, diagnostics, and more. It is used by over 1,500 companies worldwide, including SEGA, KIA, TDK, Volkswagen, Orange, and Tietoevry. The security issue, discovered by researchers at Rhino Security Labs and tracked as CVE-2024-2389, has a maximum severity score of 10.

Submitted by Gregory Rigby on

"Study: GPT-4 Agent Can Exploit Unpatched Vulnerabilities"

Researchers at the University of Illinois Urbana-Champaign discovered that feeding public security advisories to a GPT-4 Artificial Intelligence (AI) agent allows it to exploit unpatched "real-world" vulnerabilities even without precise technical information. The researchers fed AI agents descriptions of over a dozen disclosed but unpatched vulnerabilities (also called "one-day" flaws), including two "critical" bugs.

Submitted by Gregory Rigby on

 "Researchers Develop Malicious AI 'Worm' Targeting Generative AI Systems"

A team of researchers from Cornell Tech, the Israel Institute of Technology, and Intuit developed a novel type of malware dubbed the "Morris II" worm, which uses popular Artificial Intelligence (AI) services to spread itself, infect systems, and steal data. The worm further highlights the potential dangers of AI security threats and the need to secure AI models. The team used an "adversarial self-replicating prompt" to create the worm.

Submitted by Gregory Rigby on

Cyber Scene - Against All Enemies, Foreign AND Domestic

By krahal

This Cyber Scene discusses the complexity of defending against cyberattacks from domestic and foreign enemies, and addresses current issues of how these cyber enemies, domestic AND foreign together, complicate the defense of the US.

Submitted by Gregory Rigby on

"Cisco Raises Alarm for ArcaneDoor Zero-Days Hitting ASA Firewall Platforms"

Cisco recently warned that nation-state backed hacking teams are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. According to Cisco Talos, the attackers are taking aim at software defects in certain devices running Cisco Adaptive Security Appliance (ASA) or Cisco Firepower Threat Defense (FTD) products to implant malware, execute commands, and potentially exfiltrate data from compromised devices.

Submitted by Adam Ekwall on

"Security Leaders Braced for Daily AI-Driven Attacks by Year-End"

According to a new Netacea report, most businesses have expressed concern regarding Artificial Intelligence (AI)-enabled cyber threats, with 93 percent of security leaders expecting daily AI-driven attacks by the end of 2024. About 65 percent expect offensive AI to become the norm for cybercriminals. Ransomware is the threat vector most likely to be powered by AI, according to 48 percent of the Chief Information Security Officers (CISOs) surveyed. Phishing, malware, bot attacks, and data exfiltration followed this.

Submitted by Gregory Rigby on

"Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments"

Hackers have been using unpublished GitHub and GitLab comments to generate phishing links appearing to be from legitimate Open Source Software (OSS) projects. The trick enables anyone to impersonate any repository without the owner knowing. According to McAfee, hackers have already used this method to spread the Redline Stealer Trojan by using links associated with Microsoft's GitHub-hosted repositories. There have been additional cases involving the same loader used in that campaign.

Submitted by Gregory Rigby on

"Fifth of CISOs Admit Staff Leaked Data Via GenAI"

Security researchers at RiverSafe have found that one in five UK companies has had potentially sensitive corporate data exposed via employee use of generative AI (GenAI). The researchers noted that the data leak risks of unmanaged GenAI use help to explain why three-quarters of surveyed CISOs (75%) claimed that insiders pose a greater risk to their organization than external threats. The researchers stated that UK CISOs are concerned not just about the risks associated with employee misuse of AI, but also about the technology being used by threat actors.

Submitted by Adam Ekwall on