CrowdStrike and Dell unleash an AI-powered, unified security vision

/in

By adding CrowdStrike’s Falcon XDR platform to its current Managed Detection and Response (MDR) service, Dell provides its global base of resellers with AI-based technologies their customers need to battle back against attacks.Read More

Security News | VentureBeat – ​Read More

American Express Discloses Data Breach

/in

American Express says names, card account numbers, and card expiration dates were compromised in a data breach.

The post American Express Discloses Data Breach appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical Vulnerability Exposes TeamCity Servers to Takeover

/in

A critical authentication bypass in TeamCity allows remote attackers to take full control of vulnerable servers.

The post Critical Vulnerability Exposes TeamCity Servers to Takeover appeared first on SecurityWeek.

SecurityWeek – ​Read More

Self-Propagating Worm Created to Target Generative AI Systems

/in

Researchers from Israel Institute of Technology, Intuit and Cornell Tech have developed a computer worm called “Morris II” that targets generative AI (GenAI) applications to spread malware and steal personal data.

Cyware News – Latest Cyber News – ​Read More

Securing Software Repositories Leads to Better OSS Security

/in

The OpenSSF has implemented various initiatives to improve open-source software security, including the creation of a Malicious Packages repository and partnering with CISA to develop a security maturity framework for package repositories.

Cyware News – Latest Cyber News – ​Read More

GitHub Push Protection Now on by Default for Public Repositories

/in

GitHub has implemented push protection as a default security feature for all public repositories to prevent accidental leaks of sensitive information such as API keys and tokens.

Cyware News – Latest Cyber News – ​Read More

Exploit Available for New Critical JetBrains TeamCity Authentication Bypass Bug, Patch Now

/in

The JetBrains TeamCity On-Premises CI/CD solution has been found to have two critical vulnerabilities (CVE-2024-27198 and CVE-2024-27199) that can allow remote attackers to take control of the server and modify system settings without authentication.

Cyware News – Latest Cyber News – ​Read More

Epic Games ‘hackers’ admit threat of leak was phony

/in

The “hacker” group that claimed to have breached Epic Games now says it was an elaborate con, and Epic says there was no legitimate threat.Read More

Security News | VentureBeat – ​Read More

Critical TeamCity Bugs Endanger Software Supply Chain

/in

Customers should immediately patch critical vulnerabilities in on-prem deployments of the CI/CD pipeline tool JetBrains TeamCity that could allow threat actors to gain admin control over servers.

darkreading – ​Read More

Zero-Click GenAI Worm Spreads Malware, Poisoning Models

/in

35 years after the Morris worm, we’re still dealing with a version of the same issue: data overlapping with control.

darkreading – ​Read More