CSO
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
Ars Technica
Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
HACKRead
HP Reports Low-Effort, High-Impact Cat-Phishing Targeting Users
New HP report reveals cybercriminals are increasingly leveraging "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware.
The Cyber Express
US Charged North Korean Job Fraud Nexus Amassing Funds for Nuclear Program
The U.S. federal prosecutors on Thursday revealed charges against a North Korean job fraud nexus that ran its fraudulent scheme
DarkReading
US AI Experts Targeted in SugarGh0st RAT Campaign
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
CyberScoop
Arizona woman arrested and charged in North Korean IT worker scheme
Christina Chapman facilitated remote work and financial transfers for North Koreans tied to that nation’s weapons development programs, according to the U.S. government.
Bleeping Computer
Five charged for cyber schemes to benefit North Korea's weapons program
The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program.
Infosecurity News
SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
Proofpoint said the attackers modified registry key names for persistence
SecurityWeek
Alkira Raises $100 Million for Secure Network Infrastructure Platform
Network infrastructure as-a-service Alkira has raised $100 million in a Series C funding round led by Tiger Global Management.
DarkReading
FCC Reveals 'Royal Tiger' Robocall Campaign
In a first-ever move, the commission's enforcement bureau has high hopes that official classification will allow law enforcement partners to better combat these kinds of threats.
Bleeping Computer
How to manage the security risks of generative AI tools
Growth in AI use is widespread, evolving, and showing no signs of slowing, and with it comes risks ranging from competitive and legal concerns to a slew of security implications. Here's how Nudge Security can help you discover and manage AI security risks.
Infosecurity News
CISO Confidence in AI Security Grows as GenAI Adoption Rises
Nearly six out of ten surveyed ClubCISO members are confident AI is used securely in their organizations
Cyber Security News
Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers - 2024
Best MSP for CISO, CTO & IT Managers - 1. Perimeter 812. Secureworks 3. IBM 4. Trustwave 5. Wipro 6. Verizon 7. Sophos 8. Symantec.
The Cyber Express
Beyond Borders: CISA Addresses the Global Influence on US Election Cybersecurity
During a recent Senate committee hearing, Director of National Intelligence Avril Haines emphasized state hackers' continued prominence as a threat,
SecurityWeek
Android 15 Brings Improved Fraud and Malware Protections
Google is boosting fraud and malware protections in Android 15 with live threat detection and expanded restricted settings.
SecurityWeek
Palo Alto Networks Teams Up With IBM, Acquires QRadar SaaS Assets
Palo Alto Networks and IBM have announced a significant partnership to jointly provide cybersecurity solutions.
Cyber Security News
Palo Alto Networks Buys IBM’s QRadar
In a major move to bolster its cloud security offerings, Palo Alto Networks announced today that it has agreed to purchase the QRadar .
Cyber Security News
LogRhythm and Exabeam to Merge to Boost SIEM & SOAR
LogRhythm and Exabeam, two leading cybersecurity companies to create a powerful force in the security operations and analytics market.
SecurityWeek
In First AI Dialogue, US Cites ‘Misuse’ of AI by China, Beijing Protests Washington’s Restrictions
US officials raised concerns on China’s “misuse of AI” while Beijing’s representatives rebuked the US over “restrictions and pressure” on AI.
SC Magazine
AI-generated code top cloud security concern amid 100% use rate in survey
GenAI, API and identity risks are key concerns, as well as conflicts between DevOps and SecOps.
The Record
US offers $5 million for info on North Korean IT workers involved in job fraud
According to the State Department, a U.S. national named Christina Chapman helped four people fraudulently obtain work as remote software and applications developers with companies in a range of sectors and industries, earning millions of dollars for the North Korean regime.
Ars Technica
Google unveils Veo, a high-definition AI video generator that may rival Sora
Google's video synthesis model creates minute-long 1080p videos from written prompts.
Bleeping Computer
Android to add new anti-theft and data protection features
Google is introducing multiple anti-theft and data protection features later this year, some available only for Android 15+ devices, while others will roll out to billions of devices running Android 10 and later.
Bleeping Computer
Android 15, Google Play get new anti-malware and anti-fraud features
Today, Google announced new security features coming to Android 15 and Google Play that will help block scams, fraud, and malware apps on users' devices.
Bleeping Computer
Android 15, Google Play Protect get new anti-malware and anti-fraud features
Today, Google announced new security features coming to Android 15 and Google Play Protect that will help block scams, fraud, and malware apps on users' devices.
SecurityWeek
Thoma Bravo-owned LogRhythm Announces Merger with Rival Exabeam
Financial terms were not released but it's likely a hefty price tag with Exabeam’s most recent valuation pegged at $2.5 billion.
The Hacker News
Google Launches AI-Powered Theft and Data Protection Features for Android Devices
Google just unveiled new "private space" feature lets you keep your sensitive apps hidden and locked with a separate PIN.
The Hacker News
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
Android 15 introduces new features to prevent malicious apps from capturing your sensitive data. Find out more about these crucial updates:
DarkReading
D-Link Routers Vulnerable to Takeover Via Exploit for Zero-Day
A vulnerability in the HNAP login request protocol that affects a family of devices gives unauthenticated users root access for command execution.
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
SecurityWeek
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
SecurityWeek
Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities
Intel has published 41 new May 2024 Patch Tuesday advisories covering a total of more than 90 vulnerabilities.
.webp)
Cyber Security News
Turla APT Group Attacking European Ministry of Foreign Affairs
The well-known advanced persistent threat (APT) group Turla, which is based in Russia, is said to be going after the European Ministry.
Infosecurity News
Google Expands Content Watermarking Tool to AI-Generated Text
Google DeepMind’s SynthID can now be used to watermark AI-generated images, audio, text and video
SecurityWeek
Santander Data Breach Impacts Customers, Employees
The Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider.
The Hacker News
Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years
Ebury malware botnet has compromised an estimated 400,000 servers since 2009. Learn how to protect your systems from this advanced threat.
SecurityWeek
Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
Cyber Security News
10 Best Network Security Providers for Healthcare Industry in 2024
Best Network Security Providers for the Healthcare Industry - 1. Perimeter 81, 2. Palo Alto Networks, 3. Fortinet, 4. Cisco, 5. Trend Micro
Cyber Security News
How To Reduce The Alert Triage Time In Security Operations: SOC Analyst Guide
Alert Triage is a process of recognizing the important alerts from a huge pool of security alerts and allocating the resources accurately.
Ars Technica
Chief Scientist Ilya Sutskever leaves OpenAI six months after Altman ouster
CEO Altman: "OpenAI would not be what it is without him."
DarkReading
Singapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
CSO
FBI warns Black Basta ransomware impacted over 500 organizations worldwide
CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting.
Bleeping Computer
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.
Cyber Security News
Let's AI Search for You! Google Search Now Gets Advanced AI-Powered Capabilities
Google revealed its plans to integrate advanced generative AI capabilities into its flagship Search product. This move promises to transform the way users interact with and leverage information on the internet.
Ars Technica
Google strikes back at OpenAI with “Project Astra” AI agent prototype
AI model updates galore at Google I/O, including 2m context window, Imagen 3, Veo, and more.
Infosecurity News
CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses
Security Magazine
72% of consumers worry daily about being fooled by a deepfake
A global consumer research study reveals consumer attitudes about generative AI, showing that many are concerned about being fooled by deepfakes.
Infosecurity News
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stopped
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
Infosecurity News
China Presents Defining Challenge to Global Cybersecurity, Says GCHQ
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
The Cyber Express
Cybersecurity Concerns Surround ChatGPT 4o’s Launch; Open AI Assures Beefed up Safety Measure
The field of Artificial Intelligence is rapidly evolving, and OpenAI's ChatGPT is a leader in this revolution. This groundbreaking large
SecurityWeek
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
Infosecurity News
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group
The Cyber Express
The Cyber Express Sets the Stage to Host World CyberCon META Edition 2024 in Dubai
This May, the heartbeat of the cybersecurity industry will resonate through Dubai, where The Cyber Express is set to host
Latest Hacking News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWireCriminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially
.webp)
Cyber Security News
Royal Tiger Group With Spoofed Phone Numbers Stealing Credit Card Data: FCC
According to the FCC, the Royal Tiger Group and the people who work with it are a C-Communications Information Services Threat (C-CIST).
CSO
Equipped with AI tools, hackers make apps riskier than ever
The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools.
Cyber Security News
OpenAI Releases GPT-4o, Faster Model & Free For All ChatGPT Users
OpenAI, which is the leading artificial intelligence research lab, recently announced its latest breakthrough in AI technology called GPT-4o.
The Record
Is this Iowa congressman the next House Republican point man on cyber?
Rep. Zach Nunn arrived in Congress with arguably more cyber experience than any other new member in history. Can he fill the shoes of Rep. Mike Gallagher, the party's longtime House leader on cybersecurity issues?
SC Magazine
Royal Tiger robocall gang impersonated feds, banks, utilities, FCC says
The FCC has smacked the group with a first-of-its-kind threat classification for its persistent, fraudulent activity.
Ars Technica
Before launching, GPT-4o broke records on chatbot leaderboard under a secret name
Anonymous chatbot that mystified and frustrated experts was OpenAI's latest model.
SecurityWeek
China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence
Envoys from the United States and China will meet in Geneva for talks about artificial intelligence, including the risks of the fast-evolving technology.
Ars Technica
ChatGPT-4o allows real-time audio-video conversations with an “emotional” AI chatbot
GPT-4o demo shows new AI model singing a bedtime story, detecting user's facial expressions.
%20(1).webp)
Cyber Security News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
"Our partnership with Quad9 is a recognition of the accuracy of Criminal IP's data," stated Byungtak Kang, CEO of AI SPERA.
CyberNews
Smart dog collars might help predict earthquakes
A study on dogs in Lima, Peru, wants to find out whether IoT devices on pets can indicate seismic activity.
Bleeping Computer
Criminal IP Teams with Quad9 for Advanced Threat Intelligence Sharing
The Criminal IP Threat Intelligence (CTI) search engine to integrate with Quad9's threat-blocking service. Learn more from Criminal IP about how this integration can help you.
HACKRead
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWire
CyberNews
Russia-linked group incorporating AI in its new automated propaganda machine
A Russia-linked group is automating fake news fabrication and publishing with AI.
The Cyber Express
CBSE Results 2024 Under Threat: Database Vulnerability Could Compromise Student Scores
As the Central Board of Secondary Education (CBSE) in India released the CBSE results 2024 for its class 10th and
The Hacker News
The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield
Are your browser extensions safe? 33% in most orgs aren't! Learn to protect your data with insights from the 2024 Browser Security Report.
The Hacker News
SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike
Overcoming cybersecurity challenges means smarter collaboration. Explore how SecurityHQ's Risk Register can bridge the gap between tech and strategy.
CyberSecurity Dive
Only one-third of firms deploy safeguards against generative AI threats, report finds
Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.
CyberNews
AI abused to clone voices, FBI warns
The San Francisco division of the FBI is warning individuals and organizations to be aware of AI used by cybercriminals.
The Cyber Express
TCE Cyberwatch: Weekly Wrap on AI, Deepfakes, Cybersecurity Challenges Affecting Nations Worldwide
This week on TCE Cyberwatch we’re covering the different data breaches and vulnerabilities faced by different companies. Along with this,
CyberSecurity Dive
Don’t be afraid of GenAI code, but do be wary
Don’t fall for scare headlines about GenAI code—it offers multiple benefits—but also be aware of its limits and risks.
The Record
FCC designates first robocall threat actor under new classification system
A robocall group labeled Royal Tiger is the first classified as a Consumer Communications Information Services Threat (C-CIST) by the FCC.
Security Affairs
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
HACKRead
Latvian TV Channels Hacked to Broadcast Russian Victory Day Parade
On Thursday, someone hacked into the system and switched the channels to show the Russian Victory Day parade instead of Latvian programs.
The Cyber Express
The Top 10 Cybersecurity Unicorns in The World
The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly
The Cyber Express
Cybersecurity Startup Treacle Raises About 40 million in Pre-Seeding Round
Treacle, a cybersecurity startup founded in 2021 by Subhasis Mukhopadhyay, Subhajit Manna, and Partha Das, has raised about 40 million
HACKRead
New LLMjacking Attack Lets Hackers Hijack AI Models for Profit
Researchers have discovered a novel cyberattack scheme, dubbed, LLMjacking, in which, threat actors gain access to the cloud environment.
Bleeping Computer
Dell API abused to steal 49 million customer records in data breach
The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using an partner portal API they accessed as a fake company.
Infosecurity News
UK's AI Safety Institute Unveils Platform to Accelerate Safe AI Develo
The UK's open source AI safety evaluation platform, Inspect, is set to empower global collaboration for safer AI development
CyberNews
Google maps out tiny portion of brain
One cubic millimeter of the human brain has been shown to have 50,000 cells and 150 million neural connections.
DarkReading
Cybersecurity Races to Unmask New Wave of AI Deepfakes
Kevin Mandia, CEO of Mandiant at Google Cloud, calls for watermarks as the industry braces for a barrage of mind-bending AI-generated fake audio and video.
The Hacker News
CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)
Join us as we unveil CensysGPT and learn how it's changing the game in threat hunting.
Infosecurity News
#RSAC: Experts Highlight Novel Cyber Threats and Tactics
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
SecurityWeek
In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved
European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom support portal.
Security Affairs
Russia-linked APT28 targets government Polish institutions
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The Hacker News
Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models
Researchers have uncovered a new attack called "LLMjacking" that targets large language models (LLMs) hosted on cloud services.
The Cyber Express
Dell Warns Customers of Data Breach: Threat Actor Claims 49M Records Compromised
Dell has issued a warning to its customers regarding a data breach following claims by a threat actor of pilfering
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
The Record
As White House preps new cyber rules for healthcare, Neuberger says backlash is unwarranted
The current cybersecurity situation in the healthcare industry is at least a decade in the making, White House official Anne Neuberger said at the RSA Conference.
Ars Technica
Stack Overflow users sabotage their posts after OpenAI deal
Anti-AI users who change or delete answers in protest are being punished.
Infosecurity News
Why Cybersecurity Professionals Have a Duty to Secure AI
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
Infosecurity News
New 'LLMjacking' Attack Exploits Stolen Cloud Credentials
Sysdig said the attackers gained access to these credentials from a vulnerable version of Laravel
SecurityWeek
Criminal Use of AI Growing, But Lags Behind Defenders
Despite the current lack of large-scale criminal exploitation of gen-AI, researchers highlight indications that this may change.
CyberNews
Police using facial recognition tech in Germany of all places
Memories of the Stasi, the secret police, are still alive in the eastern part of Germany – but that’s where live facial recognition technology has now been deployed.
Infosecurity News
AI-Powered Russian Network Pushes Fake Political News
Researchers discover large-scale Russian influence operation using GenAI to influence voters
Loading more articles....