software vulnerability

AI’s Expanding Role in Cyber Attacks

Mar 19, 2024 by iHash Leave a Comment

Mar 19, 2024NewsroomGenerative AI / Incident Response Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," … [Read more...] about AI’s Expanding Role in Cyber Attacks

Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Mar 18, 2024 by iHash Leave a Comment

Mar 18, 2024NewsroomVulnerability / Threat Mitigation Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory … [Read more...] about Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool

Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

Mar 16, 2024 by iHash Leave a Comment

Mar 16, 2024NewsroomMalware / Cybercrime Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by … [Read more...] about Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer

GhostRace – New Data Leak Vulnerability Affects Modern CPUs

Mar 15, 2024 by iHash Leave a Comment

Mar 15, 2024NewsroomHardware Security / Data Protection A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race … [Read more...] about GhostRace – New Data Leak Vulnerability Affects Modern CPUs

Third-Party ChatGPT Plugins Could Lead to Account Takeovers

Mar 15, 2024 by iHash Leave a Comment

Mar 15, 2024NewsroomData Privacy / Artificial Intelligence Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could … [Read more...] about Third-Party ChatGPT Plugins Could Lead to Account Takeovers

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

Mar 14, 2024 by iHash Leave a Comment

Mar 14, 2024NewsroomRansomware / Cyber Crime A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with "conspiring with others to … [Read more...] about LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

Demystifying a Common Cybersecurity Myth

Mar 13, 2024 by iHash Leave a Comment

Mar 13, 2024The Hacker NewsApp Security / Cyber Security One of the most common misconceptions in file upload cybersecurity is that certain tools are "enough" on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today's ever-evolving file upload … [Read more...] about Demystifying a Common Cybersecurity Myth

These PyPI Python Packages Can Drain Your Crypto Wallets

Mar 12, 2024 by iHash Leave a Comment

Mar 12, 2024The Hacker NewsCryptocurrency / Cybercrime Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs. The packages were … [Read more...] about These PyPI Python Packages Can Drain Your Crypto Wallets

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Mar 11, 2024 by iHash Leave a Comment

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the use of … [Read more...] about New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Mar 9, 2024 by iHash Leave a Comment

Mar 09, 2024NewsroomCyber Attack / Threat Intelligence Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that Midnight Blizzard is … [Read more...] about Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54