Critical Nvidia Security Flaw Exposes Cloud AI Systems to Host Takeover
A stark warning from researchers at Wiz after discovering a TOCTOU (Time-of-check Time-of-Use) vulnerability that exposes enterprise cloud environments to code execution, information disclosure and data tampering attacks. Read More
Over a Third of Employees Secretly Sharing Work Info with AI
Around half (46%) of Gen Z and 43% of millennials surveyed admitted sharing sensitive work information with such tools without their employer’s knowledge. Read More
JPCERT shares Windows Event Log tips to detect ransomware attacks
Japan's Computer Emergency Response Center (JPCERT/CC) has shared tips on detecting different ransomware gang's attacks based on entries in Windows Event Logs, providing timely detection of ongoing attacks before they spread too far into a network. Read More
Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates
These vulnerabilities range from potential log tampering to arbitrary file inclusion and data integrity violations. Read More
Storm-0501: Ransomware attacks expanding to hybrid cloud environments
Microsoft has observed the threat actor Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, and ransomware deployment. Read More
First Mobile Crypto Drainer Found on Google Play
WalletConnect, accrued over 10,000 downloads and stole around $70,000 in cryptocurrency from victims. Read More
NIST proposes barring some of the most nonsensical password rules
Proposed guidelines aim to inject badly needed common sense into password hygiene. Read More
Kia dealer portal flaw could let attackers hack millions of cars
A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate. Read More
Louisiana accounting firm breach affects 127,000 customers
A breach of a mid-sized accounting firm in Louisiana that impacted 127,431 of its customers offers some insight into how average businesses find reporting data breaches in a timely manner very challenging. Read More
Five ways to beef up network security and reduce data theft
With the risks escalating, let’s look at five ways to improve the network’s data security with defenses and technologies that can proactively stand up to today’s sophisticated threats. Read More