SurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.
The post SurePath AI Raises $5.2 Million for Gen-AI Governance Solution appeared first on SecurityWeek.
Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption
The Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.
The post Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption appeared first on SecurityWeek.
In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested
Noteworthy stories that might have slipped under the radar: TSA proposes new cyber rules for pipelines and railroads, Google adds scam call detection to Android, SIM swappers arrested in US.
The post In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested appeared first on SecurityWeek.
Researchers Warn of Privilege Escalation Risks in Google’s Vertex AI ML Platform
Cybersecurity researchers have disclosed two security flaws in Google’s Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud.
“By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project,” Palo Alto Networks
“By exploiting custom job permissions, we were able to escalate our privileges and gain unauthorized access to all data services in the project,” Palo Alto Networks
Known Brand, Government Domains Hijacked via Sitting Ducks Attacks
Threat actors have hijacked over 70,000 domains, including known brands and government entities, because of failed domain ownership verification.
The post Known Brand, Government Domains Hijacked via Sitting Ducks Attacks appeared first on SecurityWeek.
CISO Forum Virtual Summit: Full Session List On Demand
All sessions from the 2024 CISO Forum Virtual Summit are now available to watch on demand.
The post CISO Forum Virtual Summit: Full Session List On Demand appeared first on SecurityWeek.
Master Certificate Management: Join This Webinar on Crypto Agility and Best Practices
In the fast-paced digital world, trust is everything—but what happens when that trust is disrupted? Certificate revocations, though rare, can send shockwaves through your operations, impacting security, customer confidence, and business continuity. Are you prepared to act swiftly when the unexpected happens?
Join DigiCert’s exclusive webinar, “When Shift Happens: Are You Ready for Rapid
Join DigiCert’s exclusive webinar, “When Shift Happens: Are You Ready for Rapid
Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison
Bitfinex hacker Ilya Lichtenstein, who stole bitcoin worth billions of dollars at current prices, has been sentenced to five years in prison.
The post Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison appeared first on SecurityWeek.
Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia
A Vietnamese-speaking threat actor has been linked to an information-stealing campaign targeting government and education entities in Europe and Asia with a new Python-based malware called PXA Stealer.
The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,”
The malware “targets victims’ sensitive information, including credentials for various online accounts, VPN and FTP clients, financial information, browser cookies, and data from gaming software,”
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog.
The post CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks appeared first on SecurityWeek.