Infostealer malware developers released updates claiming to bypass Google Chrome’s recently introduced feature App-Bound Encryption to protect sensitive data such as cookies. […]
Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities
Bitsight finds critical vulnerabilities in several automatic tank gauge (ATG) products used in various critical infrastructure sectors.
The post Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities appeared first on SecurityWeek.
Critical Ivanti vTM auth bypass bug now exploited in attacks
CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks. […]
Hackers deploy AI-written malware in targeted attacks
While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards and restrictions that vendors implemented. […]
AI-Generated Malware Found in the Wild
HP has intercepted an email campaign comprising a standard malware payload delivered by an AI-generated dropper.
The post AI-Generated Malware Found in the Wild appeared first on SecurityWeek.
Necro Android Malware Found in Popular Camera and Browser Apps on Play Store
Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro.
Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include –
Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include –
Wuta Camera – Nice Shot Always (com.benqu.wuta) – 10+ million
Microsoft Names Deputy CISOs, Governance Council to Manage Security Push
Microsoft says each Deputy CISO will oversee specific domains, ranging from gaming and cloud security to AI and government systems.
The post Microsoft Names Deputy CISOs, Governance Council to Manage Security Push appeared first on SecurityWeek.
Iranian APT Operating as Initial Access Provider to Networks in the Middle East
Iranian state-sponsored threat actor UNC1860 is operating as an initial access provider to high-profile networks in the Middle East.
The post Iranian APT Operating as Initial Access Provider to Networks in the Middle East appeared first on SecurityWeek.
Generative AI Security: Getting ready for Salesforce Einstein Copilot
Salesforce’s Einstein Copilot can provide insights and perform tasks help streamline daily processes. However, it also comes with risks that you should takes steps to mitigate. Learn more from Varonis on how to prepare for Salesforce Einstein Copilot, […]
U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech
The U.S. Department of Commerce (DoC) said it’s proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People’s Republic of China (PRC) and Russia.
“The proposed rule focuses on hardware and software integrated into the Vehicle Connectivity System (VCS) and software integrated into the Automated
“The proposed rule focuses on hardware and software integrated into the Vehicle Connectivity System (VCS) and software integrated into the Automated