Cisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility.
The post Cisco Patches Critical Vulnerabilities in Smart Licensing Utility appeared first on SecurityWeek.
Two Nigerians Sentenced to Prison in US for BEC Fraud
Franklin Ifeanyichukwu Okwonna and Ebuka Raphael Umeti were sentenced to prison in the US for business email compromise (BEC) fraud.
The post Two Nigerians Sentenced to Prison in US for BEC Fraud appeared first on SecurityWeek.
Microchip Technology Confirms Personal Information Stolen in Ransomware Attack
Microchip Technology says employee contact information and other types of data was stolen in an August ransomware attack.
The post Microchip Technology Confirms Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.
How Do You Know When AI is Powerful Enough to be Dangerous? Regulators Try to Do the Math
An AI model trained on 10 to the 26th floating-point operations per second must now be reported to the U.S. government and could soon trigger even stricter requirements in California.
The post How Do You Know When AI is Powerful Enough to be Dangerous? Regulators Try to Do the Math appeared first on SecurityWeek.
DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign
Two DrayTek vulnerabilities added by CISA to its KEV catalog have been exploited by multiple threat groups to steal data from organizations worldwide.
The post DrayTek Vulnerabilities Added to CISA KEV Catalog Exploited in Global Campaign appeared first on SecurityWeek.
NIST Cybersecurity Framework (CSF) and CTEM – Better Together
It’s been a decade since the National Institute of Standards and Technology (NIST) introduced its Cybersecurity Framework (CSF) 1.0. Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices. While this version was originally
Fake OnlyFans cybercrime tool infects hackers with malware
Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. […]
US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures
The US has cracked down on an influence operation sponsored by the Russian government, announcing charges, sanctions and domain seizures.
The post US Targets Russian Election Influence Operation With Charges, Sanctions, Domain Seizures appeared first on SecurityWeek.
Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore
Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos.
The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed
Planned Parenthood confirms cyberattack as RansomHub claims breach
Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage. […]