From Misuse to Abuse: AI Risks and Attacks
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications
Cybercriminals and AI: The Reality vs. Hype
“AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don’t know how to use AI,” says Etay Maor, Chief Security
Cybercriminals and AI: The Reality vs. Hype
“AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don’t know how to use AI,” says Etay Maor, Chief Security
Google Pays Out $36,000 for Severe Chrome Vulnerability
Google has released Chrome 130 in the stable channel to resolve 17 vulnerabilities, including 13 reported by external researchers.
The post Google Pays Out $36,000 for Severe Chrome Vulnerability appeared first on SecurityWeek.
AI Models in Cybersecurity: From Misuse to Abuse
Exploring differences in AI models on security measures and unveiling threat actor tactics.
The post AI Models in Cybersecurity: From Misuse to Abuse appeared first on SecurityWeek.
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT.
The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.
CISA Flags Critical SolarWinds Web Help Desk Bug for In-the-Wild Exploitation
CISA warns that a critical-severity hardcoded credentials vulnerability in SolarWinds Web Help Desk is exploited in attacks.
The post CISA Flags Critical SolarWinds Web Help Desk Bug for In-the-Wild Exploitation appeared first on SecurityWeek.
Oracle Patches Over 200 Vulnerabilities With October 2024 CPU
Oracle has released 334 new security patches to address roughly 220 unique CVEs as part of its October 2024 Critical Patch Update.
The post Oracle Patches Over 200 Vulnerabilities With October 2024 CPU appeared first on SecurityWeek.
5 Techniques for Collecting Cyber Threat Intelligence
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats.
There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations.
Pivoting on С2 IP addresses to pinpoint malware
There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations.
Pivoting on С2 IP addresses to pinpoint malware
Passkey News: FIDO Unveils New Specifications, Amazon Announces 175 Million Users
FIDO Alliance has published new specifications for securely moving passkeys across providers, as Amazon announced 175 million passkey users.
The post Passkey News: FIDO Unveils New Specifications, Amazon Announces 175 Million Users appeared first on SecurityWeek.
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails.
“The spear-phishing campaign’s impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected,” Trend Micro said in a new analysis.
“
“The spear-phishing campaign’s impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected,” Trend Micro said in a new analysis.
“