News
-
"Internet Researchers Reach Beyond Academia to Close Major Security Loophole"A potential disaster loomed in the Internet's encryption system for years, posing a threat to the security of organizations and individuals. -
"Embargo Ransomware Analysis Exposes Developing Toolkit of New Group"The "Embargo" ransomware group is a new Ransomware-as-a-Service (RaaS) gang that uses a custom Rust-based toolkit. It includes a variant that disables security processes through the abuse of Windows Safe Mode. -
"Researchers Discover Command Injection Flaw in Wi-Fi Alliance's Test Suite"A security flaw in the Wi-Fi Test Suite, an integrated platform developed by the Wi-Fi Alliance, enables unauthenticated local attackers to execute arbitrary commands with root privileges on affected routers. -
"Apple Creates Private Cloud Compute VM to Let Researchers Find Bugs"Apple has created a "Virtual Research Environment" (VRE) that welcomes the research community to inspect and verify the security of its Private Cloud Compute (PCC) system. -
"US, Australia Release New Security Guide for Software Makers"New joint guidance from the US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) recommends software manufacturers implement a safe software deployment pr -
"Change Healthcare Breach Affects 100 Million Americans"The Change Healthcare ransomware attack affected the personal information of 100 million US citizens, according to updated information from the US Department of Health and Human Services (HHS). -
"'Prometei' Botnet Spreads Its Cryptojacker Worldwide"The 8-year-old modular botnet "Prometei" is still active, spreading a cryptojacker and web shell on machines. Prometei was discovered in 2020, but later evidence suggested it has been around since 2016. -
"New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics"Researchers at Halcyon have found an advanced variant of the "Qilin" ransomware with more sophisticated and evasive tactics. -
"White House Issues AI National Security Memo"The White House released a National Security Memorandum (NSM) on Artificial Intelligence (AI), outlining important actions that the federal government should take to ensure the safe, secure, and trustworthy development of the technology. -
"Exploit Released for New Windows Server 'WinReg' NTLM Relay Attack"Publicly available Proof-of-Concept (PoC) exploit code for a vulnerability in Microsoft's Remote Registry client can be used to take over a Windows domain by downgrading the security of the authentication process. -
"AI and Deepfakes Fuel Phishing Scams, Making Detection Harder"According to Teleport, Artificial Intelligence (AI) impersonation has become the most difficult vector for cybersecurity professionals to protect companies against. -
"Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models"Palo Alto Networks' Unit 42 researchers have revealed a new adversarial technique they call "Deceptive Delight" that can jailbreak Large Language Models (LLMs) during an interactive conversation by sneaking in a malicious instruction between harmless o