Microsoft disrupts cybercrime operation that hid behind legitimate software
The Fox Tempest malware-signing-as-a-service operation was linked to numerous ransomware attacks. Source link
Category: CyberSecurityDive
7-Eleven hit by data breach
The retailer confirmed that an unauthorized third party gained access to certain systems used to store franchisee documents earlier this spring. Source link
Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN
Researchers said a wave of attacks began in February targeting firewalls that appeared to be protected. Source link
How a government contest launched a revolution in AI-based bug hunting
Security researchers have spent months honing AI systems that can find and fix serious vulnerabilities. Critical infrastructure everywhere could benefit. Source link
Grafana Labs says hacker gained access to codebase through leaked token
The company, which operates a widely used observability platform, is refusing to pay an extortion demand. Source link
MSPs need AI to fight AI-fueled cyberthreats: Guardz
Entry points haven’t changed, but the speed and scale of attacks have intensified, the security vendor found. Source link
Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service. Source link
West Pharmaceutical starts restoring operations after ransomware attack
The company confirmed data was stolen and encrypted by the attackers. Source link
Frontier AI models reap rapid discovery of security vulnerabilities
Security teams have just a few months before AI-driven exploitation becomes the norm, researchers warn. Source link
More money is going to physical security, but it’s often CISOs that oversee it: EY
Organizations should centralize physical security and cybersecurity so both are adequately prepared for, the consulting firm says in a survey report. Source link
Canvas owner reaches ‘agreement’ with threat actors after data breach
Cybersecurity experts suggest that Instructure appears to have made a ransomware payment, which the FBI highly discourages. Source link
OpenAI launches Daybreak to combat cyber threats
The cybersecurity initiative uses AI to detect software vulnerabilities, partnering with Cloudflare, Cisco and CrowdStrike to counter threats. Source link