Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
Apr 15, 2025 | Ravie Lakshmanan | Linux / Malware
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save …
Securing AI-Generated Code with Multiple Self-Learning AI Agents
The novelty of this workflow relies on the self-learning processes that allow the system to not only identify similar situations and apply the best solution, but also to automatically adapt to new cases based on the interaction between all of the security roles that work together to reinforce each other's knowledge and actions. The Power of Mixology: Combining LLMs and …
Get active with Apple Watch
April 14, 2025 | UPDATE
On April 24, Apple Watch users are encouraged to close their Activity rings to earn a special Global Close Your Rings Day limited-edition award.
Apple Watch is the world’s most popular watch, and the ultimate fitness and health companion. Every day, Apple Watch offers fitness motivation to millions of people around the globe, …
ResolverRAT Campaign Targets Healthcare, Pharma via Phishing and DLL Side-Loading
Cybersecurity researchers have discovered a new, sophisticated remote access trojan called ResolverRAT that has been observed in attacks targeting healthcare and pharmaceutical sectors. "The threat actor leverages fear-based lures delivered via phishing emails, designed to pressure recipients into clicking a malicious link," Morphisec Labs researcher Nadav Lorber said in a …
How financial services can balance AI innovation with compliance
How financial services firms can responsibly adopt AI while navigating growing regulatory complexity
How can financial services harness AI's power while managing an increasingly complex regulatory environment? This was the central question addressed by experts at our recent Elastic Financial Services Summit. Matt Minetola, CIO at Elastic, brought deep FinServ technology …
The hidden costs of tool sprawl: An SRE’s guide to observability consolidation
An overview of the benefits, challenges, and philosophy behind consolidating your observability tools
Picture this: It's 3:00 a.m., and your phone is buzzing with alerts from what seems like a dozen different monitoring tools. As you blearily scroll through the notifications, you can't help but wonder, "How did we end up with so many tools, and why can't they just talk to each …
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
Apr 11, 2025 | Ravie Lakshmanan | Network Security / Vulnerability
Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, …
Paper Werewolf Deploys PowerModul Implant in Targeted Cyberattacks on Russian Sectors
The threat actor known as Paper Werewolf has been observed exclusively targeting Russian entities with a new implant called PowerModul. The activity, which took place between July and December 2024, singled out organizations in the mass media, telecommunications, construction, government entities, and energy sectors, Kaspersky said in a new report published Thursday. Paper …
Initial Access Brokers Shift Tactics, Selling More for Less
What are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like social engineering and brute-force attacks. By selling access, they significantly …
Incomplete Patch in NVIDIA Toolkit Leaves CVE-2024-0132 Open to Container Escapes
Apr 10, 2025 | Ravie Lakshmanan | Container Security / Vulnerability
Cybersecurity researchers have detailed a case of an incomplete patch for a previously addressed security flaw impacting the NVIDIA Container Toolkit that, if successfully exploited, could put sensitive data at risk. The original vulnerability CVE-2024-0132 (CVSS score: 9.0) is a Time-of-Check Time-of-Use (TOCTOU) …