News
-
"Vast Majority of xIoT Devices Out of Compliance With Industry Best Practices"Phosphorus Labs reported that 99 percent of Extended Internet of Things (xIoT) device passwords violate industry best practices. The study discovered that 68 percent of xIoT devices have high-risk or CVSS scores of 8-10. According to the report, 80…
-
"ChatGPT Shows Promise of Using AI to Write Malware"It can take at least an hour for even the most skilled hackers to write a script to exploit a software vulnerability and infiltrate their target. However, a machine may soon be able to do it in seconds. Brendan Dolan-Gavitt, a computer security…
-
"Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates"Google recently announced the December 2022 Android updates with patches for over 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws. The most severe of the RCE bugs is CVE-2022-20411, an issue in Android’s System…
-
"New Corvus Insurance Data Reveals Ransomware and Fraudulent Funds Transfer Represent More Than Half of All Claims"Corvus Insurance published the findings of its third Corvus Risk Insights Index, which is a compilation of industry trends and data analysis. The findings of the report are drawn from data sources used by Corvus to power its underwriting and risk…
-
"Antwerp's City Services Down After Hackers Attack Digital Partner"Antwerp, Belgium, is working to restore digital services that were disrupted by a cyberattack on its digital provider. The outage has impacted services used by citizens, schools, daycare centers, and law enforcement, all of which have been operating…
-
"Open-Source Tool for Security Engineers Helps Automate Access Reviews"ConductorOne made their identity connectors open-source in a project called Baton, which is available on GitHub. Each connector enables developers to extract, normalize, and interact with workforce identity data such as user accounts, permissions, roles…
-
"Russia's Second-Largest Bank VTB Bank Under DDoS Attack"The state-owned VTB Bank, Russia's second-largest financial institution, has reported the largest Distributed Denial-of-Service (DDoS) attack in its history. The pro-Ukraine collective IT Army of Ukraine has claimed responsibility for the DDoS attacks as…
-
"Russian Hackers Spotted Targeting US Military Weapons and Hardware Supplier"A Russia-connected state-sponsored hacking group has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate US-based military weapons and hardware supplier. Recorded Future attributed the new…
-
"For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers"Many trusted Endpoint Detection and Response (EDR) technologies may contain a flaw that allows attackers to cause products to erase almost all data on installed systems. Or Yair, a SafeBreach security researcher who discovered the flaw, tested 11 EDR…
-
"Applying AI Techniques in Cybersecurity, Counterterrorism, and International Security"Artificial Intelligence (AI) has shown promise as a valuable tool for protecting against malicious actors. AI has been used to help predict terrorist attacks, destabilize terrorist networks, and mitigate cyberattacks in real-time. A newly established…
-
"Flaw in Aged Boa Web Server Threatens Supply Chain"Microsoft retired the Boa web server in 2005, but it is still widely used. The company recently revealed that malicious actors in attacks against the energy industry have exploited a vulnerability in the server's open-source component. This development…
-
"Georgia Tech and PNNL Launch Joint Cybersecurity Institute"The Georgia Institute of Technology (Georgia Tech) and the Pacific Northwest National Laboratory (PNNL) announced the formation of a joint institute, the Institute for Cybersecurity and Resilient Infrastructure Studies (ICARIS), to focus on critical…