Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
Nov 04, 2024 | Ravie Lakshmanan | Vulnerability / Cyber Threat
Cybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a malicious actor to perform various actions, including denial-of-service, model poisoning, and model theft. "Collectively, the vulnerabilities could allow an attacker to carry out …
Framework
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT. "The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim's intervention to …
Operational resilience framework for success | Elastic
No organization is immune to disruptions. Whether it’s a flawed update, a targeted cyber attack, or even a global pandemic responsible for a massive supply chain upheaval, most companies will, at some point, hit a speed bump. That’s the price of growth. But successful companies know how to respond, recover, and learn from disruptions with the help of a sound operational …
A Threat-Modeling Framework for Embedded Devices
May 13, 2024 | Newsroom
The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to …
3 Recommendations for a Next-Gen Cybersecurity Framework
Cyberattacks evolve daily, and defenders are forced to adapt at the same rate. Cybersecurity best practices, however, are updated and codified much less frequently. There is broad experimentation in the field, and it takes some time for authoritative working groups to sort out which new practices and controls are practical and consistently effective for a large cross-section of …
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
May 27, 2023 | Ravie Lakshmanan | API Security / Vulnerability
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered …
Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
Mar 08, 2023 | Ravie Lakshmanan | Advanced Persistent Threat
High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the group's attack chains …
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
Feb 28, 2023 | Ravie Lakshmanan | Software Security / Cyber Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, …
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
Feb 22, 2023 | Ravie Lakshmanan | Exploitation Framework / Cyber Threat
An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023 targeting an …
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux systems. "Alchimist C2 has a web interface written in Simplified Chinese and can generate a configured payload, establish remote sessions, deploy payload to the remote machines, capture screenshots, perform remote shellcode …