The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
The Hacker News
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
SecurityWeek
European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom support portal.
SecurityWeek
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
Bleeping Computer
A desktop can be a powerful and effective upgrade for remote work, personal projects, and much more. This near-mint refurbished Dell Precision tower has all the power you need for $269.99, $414 off the $684 MSRP.
SecurityWeek
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
SC Magazine
AI and “secure by design” will be crucial to defend against ransomware, CI attacks and AI threats in the coming years.
Ars Technica
In project headed by former Inflection chief, MAI-1 may have 500B parameters.
Cyber Security News
NVIDIA, a leading technology company, has recently released a security update regarding its Windows ChatRTX application.
SC Magazine
Security pros advise teams to use demo apps such as ChatRTX mainly in a test environment.
SecurityWeek
4,000 take part in Locked Shields 2024 exercise, Qantas and JP Morgan hit by data exposure bugs, NVIDIA patches critical flaw.
The Record
Researchers at Bitsight asked whether organizations remediate software and hardware vulnerabilities faster if they're on the federal government's list. The resulting data added up to a resounding "yes."
SecurityWeek
Technology and critical Infrastructure executives join new DHS Artificial Intelligence Safety and Security Board
Ars Technica
CEO-heavy board to tackle elusive AI safety concept and apply it to US infrastructure.
The Record
The Artificial Intelligence Safety and Security Board will include representatives of tech companies, critical infrastructure entities, academia, government agencies and “leaders in the civil rights, civil liberties, and privacy communities,” said Homeland Security Secretary Alejandro Mayorkas.
The Record
Kaiser Permanente said the affected information could "indicate a member or patient was signed into a Kaiser Permanente account or service," show how "a member or patient interacted with and navigated through the website and mobile applications" or reveal "search terms used in the health encyclopedia.”
SecurityWeek
Hive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.
Cyber Security News
Hackers abuse Windows Print Spooler vulnerabilities because it runs with elevated SYSTEM privileges which allows privilege escalation.
Ars Technica
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.
CyberNews
“We believe these are the best open source models of their class, period,” Meta said.
SecurityWeek
Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.
Cyber Security News
Cisco introduced its latest innovation, Cisco Hypershield, marking a significant milestone in the evolution of cybersecurity.
CSO
AI-based capability is part of Cisco’s Security Cloud platform for hyperscalers.
Ars Technica
Intel claims 50% more speed when running AI language models vs. the market leader.
SecurityWeek
Google adds AI to cloud security features and announces several other security capabilities for cloud customers.
The Hacker News
Microsoft releases a massive patch for April 2024, fixing a record 149 flaws. Two vulnerabilities are ALREADY under attack.
Ars Technica
While Musk says superintelligence is coming soon, one critic says prediction is "batsh*t crazy."
SecurityWeek
CISA hack could impact 100,000 people, Microsoft AI Copilot banned by US House, UK nuclear site prosecution.
Ars Technica
TSMC makes most high-end chips for Apple, Nvidia, AMD, and others.
Cyber Security News
This weekly cybersecurity news recap keeps you informed about the latest threats, exposures, mitigation techniques, and emerging malicious tactics that could compromise systems.
Cyber Security News
A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and CVE-2024-0083) that could allow
SecurityWeek
Artificial intelligence computing giant NVIDIA patches two security bugs in ChatRTX for Windows, warning of risk of code execution attacks.
SecurityWeek
Los Angeles firmware and software supply chain firm banks $10.5 million in seed-stage venture capital funding led by Two Bear Capital.
Ars Technica
As companies race to pair AI with general-purpose humanoid robots, Nvidia's GR00T emerges.
Ars Technica
208B transistor chip can reportedly reduce AI cost and energy consumption by up to 25x.
CyberNews
Nvidia’s lifelike avatars are being used by industries for commercial applications and dynamic game characters. The company’s stocks are skyrocketing.
CyberSecurity Dive
The analyst firm said efforts to mitigate intellectual property leaks and copyright infringement will diminish ROI.
SC Magazine
“AI-driven” cybersecurity solutions must prove up their worth to buyers and analysts, experts say.
SecurityWeek
Researchers demonstrate remote GPU cache side-channel attack from within browsers against AMD and NVIDIA graphics cards.
Security Affairs
Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability
The Hacker News
RedCurl cybercrime group found exploiting Windows Program Compatibility Assistant for malicious activities. This sophisticated method allows attackers
The Hacker News
A new DarkGate malware campaign uses a recently patched #MicrosoftWindows flaw (CVE-2024-21412) to deploy malicious software via bogus installers.
Bleeping Computer
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
Bleeping Computer
A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers.
The Hacker News
Microsoft releases Patch Tuesday updates to patch 61 new vulnerabilities, including privilege escalation flaws in Azure, Windows, & Authenticator.
Trend Micro
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412.
Ars Technica
Midjourney pins blame for 24-hour outage on "bot-net like" activity from Stability AI employee.
Ars Technica
Claude: "This pizza topping 'fact' may have been inserted as a joke or to test if I was paying attention."
Bleeping Computer
Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November.
Cyber Security News
Recently, Cisco announced On February 14, 2024, that they are laying off more than 4000 (approx 4200) employees which is 5% of the workforce.
Ars Technica
Nvidia's local private AI chatbot is a high-profile step toward cloud independence.
The Hacker News
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
Ars Technica
Driven by AI boom, the two companies are neck-and-neck behind Apple, Microsoft, and Google.
Ars Technica
WSJ: Audacious $5-$7 trillion investment would aim to expand global AI chip supply.
SecurityWeek
The Linux Foundation, AWS, Cisco, IBM, and other tech companies establish the Post-Quantum Cryptography Alliance.
Cyber Security News
Bazel, an open-source software used for automation of building and testing has been discovered with a critical supply chain vulnerability.
The Record
After a four-day outage caused by a cyberattack, the popular remote monitoring and management software company said there is "no evidence that any customer data has been exfiltrated."
PCMag
The company says the incident is not a ransomware attack.
HACKRead
AnyDesk, a remote desktop software maker, has reportedly become a victim of a cyberattack that compromised its production systems.
Bleeping Computer
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.
Bleeping Computer
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.
Cyber Security News
A new variant of VileRAT is being distributed through fake software pirate websites to infect Windows systems on a large scale.
SC Magazine
A GitHub Actions workflow could have been used for a command injection vulnerability in Bazel, which had the potential for threat actors to add malicious code into the production environment for projects using the Google open-source product.
Infosecurity News
Cycode stressed securing software supply chains amid complex dependencies and third-party actions
SecurityWeek
AI testing platform RagaAI raises $4.7 million in seed funding to help identify AI issues and improve security and reliability.
Cyber Security News
The incredible capabilities of LLM (Large Language Models) enable organizations to engage in various useful activities.
Ars Technica
Zuckeberg and Altman both tamp down fear and hype with casual statements about AGI.
Cyber Security News
Researchers Tyler Sorensen and Heidy Khlaaf of Trail of Bits found the vulnerability, which they named LeftoverLocals.
SC Magazine
A simple 10-line program could allow an attacker to “listen” to private machine learning processes, according to researchers from Trail of Bits.
Bleeping Computer
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
SecurityWeek
Researchers show how a new attack named LeftoverLocals, which impacts GPUs from AMD, Apple and Qualcomm, can be used to obtain AI data.
CyberNews
Microsoft has eclipsed Apple to become the world's largest company by market capitalization.
DarkReading
The Middle Eastern developers claim to be building a new version of the antivirus-bypassing remote access Trojan (RAT) attack tool.
The Cyber Express
The year 2023 witnessed a surge in high-profile cyberattacks, leaving organizations shattered and the world in chaos. This digital turmoil
Bleeping Computer
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data.
The Hacker News
Two British teens, part of the LAPSUS$ cybercrime gang, sentenced for orchestrating high-profile attacks against companies.
HACKRead
Arion Kurtaj, a 17-year-old from the United Kingdom, faced accusations of being part of the Lapsus$ gang, hacking industry giants, including Uber, Rockstar Games, Nvidia, BT, Samsung, and others.
SecurityWeek
A British teenage hacker has been sentenced to an indefinite hospital stay to be treated for his inability to control himself online.
Security Affairs
A member of the Lapsus$ cyber extortion group, Arion Kurtaj, has been sentenced to an indefinite hospital order.
The Cyber Express
The 18-year-old GTA 6 hacker, Arion Kurtaj, has been sentenced to life in a hospital prison for his role in
Bleeping Computer
Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced to life in a 'secure hospital' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video game, Grand Theft Auto VI.
The Hacker News
Microsoft's final Patch Tuesday of 2023 is here, addressing 33 software flaws. This release includes 4 Critical and 29 Important fixes.
Computerworld
The Purple Llama project aims to help developers build generative AI models responsibly.
Ars Technica
China's flagship smartphone maker pulled off the feat despite sanctions.
Ars Technica
Even at home, SDXL Turbo can create detailed images with startling speed.
Ars Technica
Given GPU and patience, SVD can turn any image into a 2-second video clip.
Ars Technica
Amid GPU shortages, Microsoft reaches for custom silicon to run its AI language models.
The Hacker News
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
Ars Technica
The H200 will likely power the next generation of AI chatbots and art generators.
CSO
The guide offers supply chain risk intelligence for IT infrastructure including endpoints, servers, network devices, and cloud infrastructure products.
Ars Technica
xAI positions sarcastic AI assistant to counterbalance buttoned-up ChatGPT.
Ars Technica
"Bletchley Declaration" sums up first day of UK's international AI Safety Summit.
Ars Technica
Nvidia tried to end-run restrictions with new designs, but US govt said not so fast.
Ars Technica
GPU-based physics simulator speeds up reality by "1,000x" while GPT-4 calls the shots.
Ars Technica
At an estimated 4 cents per ChatGPT query, OpenAI looks for cheaper AI chip solutions.
Cyber Security News
The maker of ChatGPT, OpenAI, is looking at making its own artificial intelligence chips, which are necessary for operating the highly popular chatbot.
The Record
Researchers at EclecticIQ attributed the campaign to a China-based group known as Budworm or APT27. The hacking campaign involved lures citing a major Taiwan microchip manufacturer.
Cyber Security News
A new research paper has been published that mentions a side-channel attack to leak sensitive visual data from modern GPU cards when visiting a malicious website.
Bleeping Computer
Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages.
The Hacker News
Your GPU might be leaking data. GPU Side-Channel Vulnerability Exposes Modern GPUs to Data Leakage. Learn how this could impact your online privacy.
SecurityWeek
GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip.
Loading more articles....