SecOps Need to Tackle AI Hallucinations to Improve Accuracy

/in

AI is increasingly embedded into threat detection and response tools, but hallucinations can lead to false positive and inaccurate guidance. The AI-associated risk can’t be completely eradicated, but SecOps teams can take steps to at least limit the effects.

darkreading – ​Read More

‘PathWiper’ Attack Hits Critical Infrastructure In Ukraine

/in

Cisco Talos researchers observed the new wiper malware in a destructive attack against an unnamed critical infrastructure organization.

darkreading – ​Read More

Digital Forensics Firm Cellebrite to Acquire Corellium

/in

Cellebrite, a controversial digital forensics firm, is set to acquire virtualization vendor Corellium in a $170 million deal.

darkreading – ​Read More

Cisco Warns of Credential Vuln on AWS, Azure, Oracle Cloud

/in

The vulnerability, with a 9.9 CVSS score on a 10-point scale, results in different Cisco ISE deployments all sharing the same credentials as long as the software release and cloud platform remain the same.

darkreading – ​Read More

Misconfigured HMIs Expose US Water Systems to Anyone with a Browser

/in

Censys researchers follow some clues and find hundreds of control-room dashboards for US water utilities on the public internet.

The post Misconfigured HMIs Expose US Water Systems to Anyone with a Browser appeared first on SecurityWeek.

SecurityWeek – ​Read More

Ross Ulbricht Got a $31 Million Donation From a Dark Web Dealer, Crypto Tracers Suspect

/in

Crypto-tracing firm Chainalysis says the mysterious 300-bitcoin donation to the pardoned Silk Road creator appears to have come from someone associated with a different defunct black market: AlphaBay.

Security Latest – ​Read More

Backdoored Malware Reels in Newbie Cybercriminals

/in

Sophos researchers found this operation has similarities or connections to many other campaigns targeting GitHub repositories dating back to August 2022.

darkreading – ​Read More

Unsecured Database Exposes Data of 3.6 Million Passion.io Creators

/in

A massive data leak has put the personal information of over 3.6 million app creators, influencers, and entrepreneurs…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

Iran-linked hackers target Kurdish and Iraqi officials in long-running cyberespionage campaign

/in

The group has been operating since at least 2017, initially breaching systems belonging to the Kurdistan Regional Government and have expanded their reach to the Central Government of Iraq as well as a telecommunications provider in Uzbekistan.

The Record from Recorded Future News – ​Read More

Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials

/in

Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.

“Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response

The Hacker News – ​Read More