CISA Report Finds Critical Open-Source Memory Safety Risks

/in

CISA urges manufacturers to reduce memory safety vulnerabilities by ditching memory-unsafe languages, implementing secure coding practices, and adopting routine security testing measures.

Cyware News – Latest Cyber News – ​Read More

‘The Acolyte’ and the Long-Awaited Death of Review-Bombing

/in

Leslye Headland’s new Star Wars show is getting positive reviews from critics and being trashed by audiences. Some are calling it review-bombing—but it’s more complicated than that.

Wired – ​Read More

New Ransomware, Infostealers Pose Growing Risk in 2024

/in

In Q1 2024, BlackBerry detected and stopped 3.1 million cyberattacks, averaging 37,000 per day. They also detected 630,000 malicious hashes, a 40% increase from the previous reporting period.

Cyware News – Latest Cyber News – ​Read More

B+ Security Rating Masks Healthcare Supply Chain Risks

/in

The healthcare sector received a “B+” security rating for the first half of 2024, indicating a decent level of security. However, it faces a significant vulnerability in the form of supply chain cyber risk.

Cyware News – Latest Cyber News – ​Read More

Russian APT Reportedly Behind New TeamViewer Hack

/in

TeamViewer’s corporate network was hacked and some reports say the Russian group APT29 is behind the attack.

The post Russian APT Reportedly Behind New TeamViewer Hack appeared first on SecurityWeek.

SecurityWeek – ​Read More

This Viral AI Chatbot Will Lie and Say It’s Human

/in

Bland AI’s customer services and sales bot is the latest example of “human-washing” in AI. Experts warn against the consequences of blurred reality.

Wired – ​Read More

Cyber Insurance Terms Drive Companies To Invest More in Security, Report Finds

/in

Approximately three-quarters of companies have made investments in cyber defense in order to qualify for cyber insurance, according to a report by Sophos and Vanson Bourne.

Cyware News – Latest Cyber News – ​Read More

Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity

/in

Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.

The post Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity appeared first on SecurityWeek.

SecurityWeek – ​Read More

CISA Adds GeoServer, Linux Kernel, and Roundcube Webmail Bugs to its Known Exploited Vulnerabilities Catalog

/in

The US cybersecurity agency CISA has issued a warning about cyber threat actors exploiting vulnerabilities in GeoServer (CVE-2022-24816), the Linux kernel (CVE-2022-2586), and Roundcube Webmail (CVE-2020-13965).

Cyware News – Latest Cyber News – ​Read More

Mitigating Skeleton Key, a New Type of Generative AI Jailbreak Technique

/in

Microsoft has discovered a new type of jailbreak attack called Skeleton Key. This technique uses a multi-turn strategy to make the model ignore its guardrails, allowing it to generate forbidden content or override its decision-making rules.

Cyware News – Latest Cyber News – ​Read More