Tech Titans Promise Watermarks to Expose AI Creations
The White House said Friday that OpenAI and others in the artificial intelligence race have committed to making their technology safer with features such as watermarks…
Category: SecurityWeek
GitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm Employees
A North Korean threat actor has been observed targeting employees at technology firms in a new low-volume social engineering campaign, Microsoft-owned code hosting platform GitHub…
Citrix Zero-Day Exploited Against Critical Infrastructure Organization
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed on Thursday that the recently disclosed Citrix zero-day vulnerability tracked as CVE-2023-3519 has been exploited against…
New Ransomware With RAT Capabilities Impersonating Sophos
A Rust-based file-encrypting ransomware was found this week to be impersonating the cybersecurity firm Sophos as part of its operation. Dubbed ‘SophosEncrypt’, the malware is…
New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices
Firmware and hardware security company Eclypsium has disclosed information on two new vulnerabilities found by its researchers in the American Megatrends (AMI) MegaRAC Baseboard Management…
10 Steps to Help Secure Your APIs
APIs have certainly changed the way in which businesses operate. APIs allow businesses to push forward technologically with greater ease. This allows for more rapid innovation, which…
Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability
Multiple distributed denial-of-service (DDoS) botnets are targeting a vulnerability in Zyxel firewalls for which patches have been available since April, cybersecurity firm Fortinet reports. Tracked…
Cosmetics Giant Estée Lauder Targeted by Two Ransomware Groups
Cosmetics giant Estée Lauder has disclosed a data breach just as two ransomware groups made claims about stealing vast amounts of information from the company.…
JumpCloud Cyberattack Linked to North Korean Hackers
The cyberattack that directory, identity, and access management company JumpCloud fell victim to in late June can be attributed to North Korean advanced persistent threat…
Human Cyber-Risk Can Be Demonstrably Mitigated by Behavior Changing Training: Analysis
The process of encouraging secure cyber habits in end users is evolving from traditional awareness training toward changing end user behavior. It reflects a growing…
P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers
A newly discovered peer-to-peer (P2P) worm is targeting Redis servers that are vulnerable to a year-old Lua sandbox escape bug, cybersecurity firm Palo Alto Networks…
Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities
Adobe has released a second round of patches for some recently disclosed ColdFusion vulnerabilities, including flaws that appear to have been exploited in attacks. On…