Sticky Werewolf Expands Cyber Attack Targets in Russia and Belarus

/in

Cybersecurity researchers have disclosed details of a threat actor known as Sticky Werewolf that has been linked to cyber attacks targeting entities in Russia and Belarus.
The phishing attacks were aimed at a pharmaceutical company, a Russian research institute dealing with microbiology and vaccine development, and the aviation sector, expanding beyond their initial focus of government

The Hacker News – ​Read More

Governments, Businesses Tighten Cybersecurity Around Hajj Season

/in

While cyberattacks drop slightly during the week of the Islamic pilgrimage, organizations in Saudi Arabia and other countries with large Muslim populations see attacks on the rise.

darkreading – ​Read More

Apple Is Coming for Your Password Manager

/in

Plus: A media executive is charged in an alleged money-laundering scheme, a ransomware attack disrupts care at London hospitals, and Google’s former CEO has a secretive drone project up his sleeve.

Security Latest – ​Read More

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

/in

Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances.
The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating system.
According to DEVCORE security researcher, the shortcoming makes

The Hacker News – ​Read More

Microsoft Revamps Controversial AI-Powered Recall Feature Amid Privacy Concerns

/in

Microsoft on Friday said it will disable its much-criticized artificial intelligence (AI)-powered Recall feature by default and make it an opt-in.
Recall, currently in preview and coming exclusively to Copilot+ PCs on June 18, 2024, functions as an “explorable visual timeline” by capturing screenshots of what appears on users’ screens every five seconds, which are subsequently analyzed and

The Hacker News – ​Read More

Harvard, MIT, and Wharton research reveals pitfalls of relying on junior staff for AI training

/in

New study by Harvard, MIT, Wharton, and BCG researchers finds that relying on junior employees to train seniors on generative AI risks is ineffective, highlighting the need for top-down governance and expertise at all levels.Read More

Security News | VentureBeat – ​Read More

New Phishing Campaign Uses Stealthy JPGs to Drop Agent Tesla

/in

Spanish speakers beware! A new campaign using the Agent Tesla RAT targets Spanish-speaking individuals. Learn how to protect…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

GitHub Repos Targeted in Cyber-Extortion Attacks

/in

Since at least February, a threat actor has been attempting to extort victims by stealing or wiping data in their GitHub repositories.

darkreading – ​Read More

OpenAI, Anthropic Research Reveals More About How LLMs Affect Security and Bias

/in

Anthropic opened a window into the ‘black box’ where ‘features’ steer a large language model’s output. OpenAI dug into the same concept two weeks later with a deep dive into sparse autoencoders.

Security | TechRepublic – ​Read More

CISO Corner: Red Sox CloudSec; Deepfake Biz Risk; Ticketmaster Takeaways

/in

Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Proactive playbooks, a US-Kenya partnership, and the trouble with shadow engineering.

darkreading – ​Read More