Aggregator

Don't let AI CoPilots be the source of your first data breach. Learn more from Varonis about the challengers of securing your data in the era of gen AI. [...]

Vulnerability / Hardware SecurityA team of researchers from the CISPA Helmholtz Center for Informa

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as

The traffic graphs on Cloudflare Radar have been enhanced to include HTTP request traffic. This new metric complements the existing bytes-based “HTTP traffic” view, and the new graphs can be found on Radar’s Overview and Traffic pages.

CERT-UA has warned that a mass phishing campaign impersonating Ukraine’s Security Services has infected more than 100 government devices

AI's proficiency at creating software code won't put developers out of a job, but the job will change to one focused on security, collaboration, and "mentoring" AI models.

A report published today by Cato Networks finds three years after its discovery in 2021 there was a

A report published today by Cato Networks finds three years after its discovery in 2021 there was a 61% increase in attempts to exploit Log4j vulnerabilities in inbound traffic and a 79% increase in the attempted use of Log4j in WANbound traffic in the first half of this year.

The post Cato Network Reports Spike in Attempts to Exploit Log4j Vulnerabilities appeared first on Security Boulevard.

error code: 1106

Самый быстрый за 15 лет спидран по Diablo оказался фальшивкой.

In this blog post we describe how the MSC file format can be leveraged to execute arbitrary code v

Belarusian-Ukrainian national Maksim Silnikau was arrested in Spain and is now extradited to the USA to face charges for creating the Ransom Cartel ransomware operation in 2021 and running a malvertising operation from 2013 to 2022. [...]

Morphisec researchers have recently uncovered a critical vulnerability in Microsoft Outlook, identified as CVE-2024-30103. It can execute malicious code as soon as an email is opened. We will explore the technical aspects of CVE-2024-30103, examining how this vulnerability can be exploited and assessing its potential impact on your systems. This vulnerability presents a significant security […]

The post 0-Click Outlook Vulnerability Triggered RCE When Email is Opened – Technical Analysis appeared first on Cyber Security News.

Belarusian national Maksim Silnikau, who was operating under the ‘J.P. Morgan’ moniker, is believed to be one of the world’s most prolific Russian-speaking cybercriminals

保障新型电力系统稳步建设！

As digital currencies have grown, so have cryptocurrency scams, posing significant user risks. The rise of AI and deepfake technology has intensified scams exploiting famous personalities and events by creating realistic fake videos. Platforms like X and YouTube have been especially targeted, with scammers hijacking high-profile accounts to distribute fraudulent content. This report delves into the CryptoCore group's complex scam operations, analyzing their use of deepfakes, hijacked accounts, and fraudulent websites to deceive victims and profit millions of dollars.

The post CryptoCore: Unmasking the Sophisticated Cryptocurrency Scam Operations appeared first on Avast Threat Labs.

Ukrainian researchers have discovered a phishing campaign targeting local state agencies with remot