AI for application security: Balancing automation with human oversight
In this Help Net Security interview, Kyle Wickert, Worldwide Strategic Architect at AlgoSec, discusses the role of AI in application security, exploring how it’s transforming…
Author: Cybernoz
Windows driver zero-day exploited by Lazarus hackers to install rootkit
Image: Midjourney The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit…
Organizations turn to biometrics to counter deepfakes
The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using…
Microsoft Azure Kubernetes Services Vulnerability Let Attackers Escalate Privileges
Mandiant recently disclosed a critical vulnerability in Microsoft Azure Kubernetes Services (AKS) that could have allowed attackers to escalate privileges and access sensitive credentials within…
Toyota confirms breach after stolen data leaks on hacking forum
Toyota confirmed that its network was breached after a threat actor leaked an archive of 240GB of data stolen from the company’s systems on a…
GovERP axed as reuse review finds demand only for artifacts, patterns – Software
A $341 million project to set up a common ERP across the federal government produced little of functional value, but there is “strong demand” for…
The 4 Components of Top AI Model Ecosystems
Table of Contents I have been thinking a lot about the competition between OpenAI, Anthropic, Meta, and Google for who has the best pinnacle AI…
Ransomware rakes in record-breaking $450 million in first half of 2024
Ransomware victims have paid $459,800,000 to cybercriminals in the first half of 2024, setting the stage for a new record this year if ransom payments…
The Next Strike Might Be Linux Due to eBPF
On July 19, 2024, a flawed update in CrowdStrike Falcon’s channel file 291 led to a logic error that caused Windows systems to crash, resulting…
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it’s actively…
Styx Stealer Malware Stealing Browser And Instant Messenger Data
Recently cybersecurity researchers at Check Point discovered a new malware dubbed “Styx Stealer,” capable of stealing browser and instant messenger data. Threat actors often exploit…
Stolen, locked payment cards can be used with digital wallet apps
Fraudsters can add stolen payment cards to digital wallet apps and continue making online purchases even after victims’ report the card stolen and the bank…