Wed.Jan 24, 2024

article thumbnail

Poisoning AI Models

Schneier on Security

New research into poisoning AI models : The researchers first trained the AI models using supervised learning and then used additional “safety training” methods, including more supervised learning, reinforcement learning, and adversarial training. After this, they checked if the AI still had hidden behaviors. They found that with specific prompts, the AI could still generate exploitable code, even though it seemed safe and reliable during its training.

article thumbnail

National Cyber Security Centre Study: Generative AI May Increase Global Ransomware Threat

Tech Republic Security

See the National Cyber Security Centre's predictions for generative AI for cyber attack and defense through 2025.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

5379 GitLab servers vulnerable to zero-click account takeover attacks

Security Affairs

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset.

article thumbnail

Cyber League: UK’s NCSC Calls on Industry Experts to Join its Fight Against Cyber Threats

Tech Republic Security

The NCSC wants volunteers from the U.K.’s public and private sectors to join its new cybersecurity community.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The online services of multiple Swedish government agencies, universities, and commercial activities were disrupted by an Akira ransomware attack that hit the Finnish IT services and enterprise cloud hosting Tietoevry.

article thumbnail

Update now! Apple releases patch for zero-day vulnerability

Malwarebytes

Apple has released new security updates for several products, including a patch for a zero-day vulnerability that could impact iPhones, iPad, Macs, and Apple TVs. Apple says it’s aware of a report that the bug may have been exploited already. Further details about the nature of the vulnerability were not disclosed to give users enough time to install the updates.

More Trending

article thumbnail

NSPX30: A sophisticated AitM-enabled implant evolving since 2005

We Live Security

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group we have named Blackwood

141
141
article thumbnail

How to lock out your ex-partner from your smart home

Malwarebytes

Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets. If you are the partner that stays in the house you shared together, you need to make sure that you lock out your ex-partner.

article thumbnail

Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204

Security Affairs

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT. The security experts also published a proof-of-concept (PoC) exploit that allows the creation of new admin users on vulnerable instances exposed online. “

article thumbnail

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

Bleeping Computer

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.

Hacking 139
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Atlassian Confluence Data Center and Server Template Injection bug, tracked as CVE-2023-22527 , to its Known Exploited Vulnerabilities (KEV) catalog.

article thumbnail

Ring Will Stop Giving Cops a Free Pass on Warrantless Video Requests

WIRED Threat Level

The Amazon-owned home surveillance company says it is shuttering a feature in its Neighbors app that allows police to request footage from users. But it’s not shutting out the cops entirely.

article thumbnail

Google Pixel phones unusable after January 2024 system update

Bleeping Computer

Google Pixel smartphone owners report problems after installing the January 2024 Google Play system update, being unable to access their devices internal storage, open the camera, take screenshots, or even open apps. [.

Mobile 134
article thumbnail

2024 State of Ransomware in Education: 92% spike in K-12 attacks

Malwarebytes

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. 2023 was the worst ransomware year on record for Education: according to original ThreatDown research, the sector witnessed a staggering 70%

Education 132
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Over 200,000 Sites at Risk: Directory Traversal CVE-2024-0221 Vulnerability Hits Photo Gallery Plugin

Penetration Testing

A critical directory traversal vulnerability has been found in a popular WordPress plugin. The affected plugin, Photo Gallery by 10Web – Mobile-Friendly Image Gallery, has over 200,000 active installations. Photo Gallery is the leading... The post Over 200,000 Sites at Risk: Directory Traversal CVE-2024-0221 Vulnerability Hits Photo Gallery Plugin appeared first on Penetration Testing.

article thumbnail

What is Nudge Security and How Does it Work?

The Hacker News

In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance.

article thumbnail

Ransomware Attack Targets Major North American Water Company

Security Boulevard

A ransomware attack last week hit the North American operations of massive water and wastewater systems operator Veolia, illustrating the ongoing threat to the critical infrastructure sector by cybercrime groups. Veolia officials said in a note this week that the attack affected software and systems in their North America Municipal Water division. They also wrote.

article thumbnail

HPE: Russian hackers breached its security team’s email accounts

Bleeping Computer

Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments. [.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Protect AI Unveils Gateway to Secure AI Models

Security Boulevard

Protect AI's Guardian gateway enforces security policies to prevent malicious code from executing within an artificial intelligence (AI) model. The post Protect AI Unveils Gateway to Secure AI Models appeared first on Security Boulevard.

article thumbnail

APT10’s Latest Weapon: Unveiling the LODEINFO Malware Menace

Penetration Testing

In the shadowy corners of the digital world, where the battle between cybersecurity defenders and attackers unfolds with relentless intensity, a new adversary has emerged, wielding the sophisticated tool of deception and evasion: LODEINFO... The post APT10’s Latest Weapon: Unveiling the LODEINFO Malware Menace appeared first on Penetration Testing.

article thumbnail

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Bleeping Computer

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [.

article thumbnail

Arctic Wolf Labs Exposes CherryLoader: A New Go-based Malware

Penetration Testing

Arctic Wolf Labs has recently shed light on a sophisticated Go-based malware downloader, dubbed “CherryLoader,” which uses the legitimate CherryTree note-taking application to trick the victims. At first glance, CherryLoader deceives with a veneer... The post Arctic Wolf Labs Exposes CherryLoader: A New Go-based Malware appeared first on Penetration Testing.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

SEC Twitter hack blamed on SIM swap attack

Graham Cluley

The US Securities & Exchange Comission (SEC) has confirmed that hackers managed to seize control of a phone number associated with its Twitter account, and used it to post an unauthorised message. Read more in my article on the Hot for Security blog.

Hacking 115
article thumbnail

CVE-2023-49657: Apache Superset Hit by High-Risk Stored XSS Vulnerability

Penetration Testing

The maintainers of the Apache Superset open-source data visualization software have released fixes to fix a critical vulnerability that could lead to stored cross-site scripting attacks. Dubbed CVE-2023-49657, this stored cross-site scripting (XSS) vulnerability has... The post CVE-2023-49657: Apache Superset Hit by High-Risk Stored XSS Vulnerability appeared first on Penetration Testing.

article thumbnail

Windows 11 KB5034204 update fixes Bluetooth audio issues, 24 bugs

Bleeping Computer

Microsoft released the January 2024 preview update for Windows 11 versions 22H2 and 23H2, which comes with Bluetooth audio bug fixes and addresses 24 known issues. [.

111
111
article thumbnail

CVE-2024-23897 (CVSS 9.8): Critical Jenkins Security Vulnerability, RCE Possible

Penetration Testing

Jenkins – a popular open-source automation server software – published an advisory on Wednesday concerning a critical vulnerability that could result in remote code execution. Tracked as CVE-2024-23897, a critical vulnerability within Jenkins’ built-in... The post CVE-2024-23897 (CVSS 9.8): Critical Jenkins Security Vulnerability, RCE Possible appeared first on Penetration Testing.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

The Hacker News

Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes cluster. The critical shortcoming has been codenamed Sys:All by cloud security firm Orca. As many as 250,000 active GKE clusters in the wild are estimated to be susceptible to the attack vector.

article thumbnail

RemoteTLSCallbackInjection: execute a payload without spawning any threads in a remote process

Penetration Testing

Maldev Academy – RemoteTLSCallbackInjection This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls... The post RemoteTLSCallbackInjection: execute a payload without spawning any threads in a remote process appeared first on Penetration Testing.

article thumbnail

Microsoft: Recent updates cause Sysprep Windows validation errors

Bleeping Computer

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation (Sysprep) tool to validate Windows installations for deployment after installing recent Windows 10 updates. [.

110
110
article thumbnail

Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption

The Hacker News

The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.