"Apple Creates Private Cloud Compute VM to Let Researchers Find Bugs"

Apple has created a "Virtual Research Environment" (VRE) that welcomes the research community to inspect and verify the security of its Private Cloud Compute (PCC) system. The company released source code for some "key components" to help researchers analyze the architecture's privacy and safety features. PCC is a cloud intelligence system designed for complex Artificial Intelligence (AI) processing of data from user devices that does not compromise privacy. This article continues to discuss Apple's VRE created to enable public access to PCC system security testing.

Submitted by Gregory Rigby on

"US, Australia Release New Security Guide for Software Makers"

New joint guidance from the US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Australian Cyber Security Centre (ACSC) recommends software manufacturers implement a safe software deployment program to improve product and deployment environment security and quality.

Submitted by Gregory Rigby on

"Change Healthcare Breach Affects 100 Million Americans"

The Change Healthcare ransomware attack affected the personal information of 100 million US citizens, according to updated information from the US Department of Health and Human Services (HHS). This makes the attack, which began in February 2024, the largest known data breach of US healthcare records ever documented. This article continues to discuss the occurrence and impact of the Change Healthcare ransomware attack.

Submitted by Gregory Rigby on

"'Prometei' Botnet Spreads Its Cryptojacker Worldwide"

The 8-year-old modular botnet "Prometei" is still active, spreading a cryptojacker and web shell on machines. Prometei was discovered in 2020, but later evidence suggested it has been around since 2016. Over the years, it has spread to over 10,000 computers in Brazil, Indonesia, Turkey, Germany, and more. Weak configurations and unpatched systems have let the botnet spread in regions with poor cybersecurity. This article continues to discuss findings regarding the Prometei botnet.

Submitted by Gregory Rigby on

"New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics"

Researchers at Halcyon have found an advanced variant of the "Qilin" ransomware with more sophisticated and evasive tactics. According to the researchers, the variant tracked as "Qilin.B" now supports AES-256-CTR encryption for systems with AES-NI capabilities, while still maintaining ChaCha20 for systems lacking this support. This article continues to discuss findings regarding the new Qilin.B ransomware variant.

Submitted by Gregory Rigby on

"White House Issues AI National Security Memo"

The White House released a National Security Memorandum (NSM) on Artificial Intelligence (AI), outlining important actions that the federal government should take to ensure the safe, secure, and trustworthy development of the technology. Key actions relate to tracking and countering adversary AI development and use. This article continues to discuss the new AI NSM.

Infosecurity Magazine reports "White House Issues AI National Security Memo"

Submitted by Gregory Rigby on

"Exploit Released for New Windows Server 'WinReg' NTLM Relay Attack"

Publicly available Proof-of-Concept (PoC) exploit code for a vulnerability in Microsoft's Remote Registry client can be used to take over a Windows domain by downgrading the security of the authentication process. The vulnerability stems from a fallback mechanism in the Windows Registry (WinReg) client implementation that relies on old transport protocols if the Server Message Block (SMB) transport is absent.

Submitted by Gregory Rigby on

"AI and Deepfakes Fuel Phishing Scams, Making Detection Harder"

According to Teleport, Artificial Intelligence (AI) impersonation has become the most difficult vector for cybersecurity professionals to protect companies against. Based on the study, which surveyed 250 senior US and UK decision-makers, social engineering remains one of the most common tactics used by cybercriminals to install malware and steal sensitive data, with advances in AI and deepfakes increasing the effectiveness of phishing scams.

Submitted by Gregory Rigby on

"Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models"

Palo Alto Networks' Unit 42 researchers have revealed a new adversarial technique they call "Deceptive Delight" that can jailbreak Large Language Models (LLMs) during an interactive conversation by sneaking in a malicious instruction between harmless ones. The simple yet effective method achieves an average 64.6 percent Attack Success Rate (ASR) in three interaction turns. This article continues to discuss observations regarding the Deceptive Delight multi-turn technique.

Submitted by Gregory Rigby on

"Avast Releases Free Decryptor for Mallox Ransomware"

Anti-malware vendor Avast recently published a free decryption tool to help victims recover from Mallox ransomware attacks. Mallox ransomware was first observed in 2021, and is also known as Fargo, TargetCompany, and Tohnichi. Mallox has been operating under the ransomware-as-a-service (RaaS) business model and is known for targeting Microsoft SQL servers for initial compromise.

Submitted by Adam Ekwall on