darkreading

Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.

The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices.

While employees want to take advantage of the increased efficiency of GenAI and LLMs, CISOs and IT teams must be diligent and stay on top of the most up-to-date security regulations.

Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don't run monitoring software like Sysmon, making the attacks harder to detect.

The AI-powered work platform helps organizations securely identify and access internal enterprise data as part of business processes and workflows.

The rush to say "yes" allows cybersecurity teams to avoid hard conversations with business stakeholders but also risks losing their ability to effectively protect organizations.

The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture.

Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea.

The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering.

The flurry of non-human identity attacks at the end of 2024 demonstrates extremely strong momentum heading into the new year. That does not bode well.

Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems.

In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US.

Sophos noted more than 15 attacks have been reported during the past three months.

The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community.

The company reports that it is not experiencing any operational issues within its business, so far.

Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide.

Set for release in March, Cisco AI Defense will provide algorithmic red teaming of large language models with technology that came over as part of the Robust Intelligence acquisition last year.