Zoom patches critical privilege elevation flaw in Windows apps
The Zoom desktop and VDI clients and the Meeting SDK for Windows are vulnerable to an improper input validation flaw that could allow an unauthenticated…
Month: February 2024
ChatGPT Down? Anonymous Sudan Claims Responsibility for DDoS Attacks
Is your ChatGPT down? Or, are you experiencing issues accessing ChatGPT? If so, you’re not alone. ChatGPT has been encountering service disruptions and numerous errors…
Microsoft: Nation-state hackers are exploiting ChatGPT
Nation-state threat actors backed by the governments of China, Iran, North Korea and Russia are exploiting the large language models (LLMs) used by generative AI…
Services Australia hits Java, Angular dev pool shortage – Software
A limited pool of Java and Angular developers led to the long-running health delivery modernisation program at Services Australia drifting “outside of tolerances”, but the…
German battery maker Varta halts production after cyberattack
Battery maker VARTA AG announced yesterday that it was targeted by a cyberattack that forced it to shut down IT systems, causing production to stop…
Overworld secures $10M for cross-platform ARPG development
LOS ANGELES – Feb. 14, 2024 – Game studio Overworld, building high-quality, cross-platform multiplayer RPGs, has closed a seed round of $10M, led by Hashed…
Met Police to scrap and replace ‘racist’ Gangs Violence Matrix
The Metropolitan Police is scrapping its controversial Gangs Violence Matrix (GVM) database after long-standing concerns over the tool’s racial disproportionality, but human rights groups have…
Microsoft Exchange update enables Extended Protection by default
Microsoft is automatically enabling Windows Extended Protection on Exchange servers after installing this month’s 2024 H1 Cumulative Update (aka CU14). Extended Protection (EP) will automatically…
U.S. Internet Leaked Years of Internal, Customer Emails – Krebs on Security
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions…
How to interpret the MITRE Engenuity ATT&CK® Evaluations: Enterprise
Thorough, independent tests are vital as cybersecurity leaders and their teams evaluate vendors’ abilities to guard against increasingly sophisticated threats to their organizations. And perhaps…
5 Ways to Maximize the Impact of IaC Scans
Infrastructure-as-code (IaC) continues to gain traction and is even hailed for having changed software development towards greater efficiency and shared responsibilities between the development and…
How are state-sponsored threat actors leveraging AI?
Microsoft and OpenAI have identified attempts by various state-affiliated threat actors to use large language models (LLMs) to enhance their cyber operations. Threat actors use…