China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics

/in

Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that’s being distributed as part of a new campaign.
“In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs,” Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said.
ValleyRAT

The Hacker News – ​Read More

Snowflake Breach Exposes 165 Customers’ Data in Ongoing Extortion Campaign

/in

As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the

The Hacker News – ​Read More

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

/in

Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products –

Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)

“A local non-privileged user can make improper GPU memory

The Hacker News – ​Read More

Apple’s PCC an ambitious attempt at AI privacy revolution

/in

These issues highlight the need for a new approach to privacy in cloud AI, one that goes beyond simple trust and provides users with robust, verifiable privacy guarantees.Read More

Security News | VentureBeat – ​Read More

Snowflake Cloud Accounts Felled by Rampant Credential Issues

/in

A threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.

darkreading – ​Read More

A Look at the Riskiest Connected Devices of 2024

/in

VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.

darkreading – ​Read More

Microsoft Modifies ‘Recall’ AI Feature Amid Privacy, Security Failings

/in

In response to recent public outcry, Recall is getting new security accouterments. Will that be enough to quell concerns?

darkreading – ​Read More

Elon Musk threatens Apple ban over OpenAI integration, cybersecurity experts raise alarms

/in

Elon Musk threatens to ban Apple devices at his companies over OpenAI integration, as cybersecurity experts warn of potential security risks in the tech giants’ AI arms race.Read More

Security News | VentureBeat – ​Read More

Apple’s OpenAI partnership: A boost for Siri or a trojan horse for Microsoft?

/in

Apple’s new partnership with OpenAI brings advanced AI to iOS, but Microsoft’s strategic moves with OpenAI suggest a complex power struggle in the tech industry.Read More

Security News | VentureBeat – ​Read More

Tokenization Moves Beyond Payments to Personal Privacy

/in

Pseudonymous masking has made credit card transactions more secure, but Visa has even greater plans for tokenization: giving users control of their data.

darkreading – ​Read More