AI systems trained to excel at tasks can learn to lie and deceive in order to gain an advantage, posing serious risks to society such as fraud, election tampering, and even the potential loss of human control over AI.
Cyware News – Latest Cyber News – Read More
The NIST issued new guidelines to help federal agencies and their private sector contractors better protect sensitive unclassified information, known as Controlled Unclassified Information (CUI), from cyber threats, particularly supply chain risks.
Cyware News – Latest Cyber News – Read More
Ubuntu 24.04 LTS has addressed several security vulnerabilities, including issues in less, Glibc, Curl, GnuTLS, libvirt, and Pillow, which could potentially lead to denial of service or arbitrary code execution.
Cyware News – Latest Cyber News – Read More
CISOs are now considered part of the organizational executive leadership and have both the responsibility and the opportunity to drive not just security but business success.
darkreading – Read More
Here’s How to Enhance Your Cyber Resilience with CVSS
In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the eight-year-old CVSS v3.0, with the aim to enhance vulnerability assessment for both industry and the public. This latest version introduces additional metrics like safety and automation to address criticism of lacking granularity
The Hacker News – Read More
An unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East were targeted by two previously undocumented backdoors tracked as LunarWeb and LunarMail.
ESET, which identified the activity, attributed it with medium confidence to the Russia-aligned cyberespionage group Turla (aka Iron Hunter, Pensive Ursa, Secret Blizzard, Snake, Uroburos, and Venomous
The Hacker News – Read More
The Spanish bank Santander said customers in Chile, Spain and Uruguay are affected by a data breach at a third-party provider.
The post Santander Data Breach Impacts Customers, Employees appeared first on SecurityWeek.
SecurityWeek – Read More
The Avast Q1 2024 Threat Report highlighted a massive surge in social engineering scams, with a staggering 90% of all mobile and 87% of desktop threats falling into this category.
Cyware News – Latest Cyber News – Read More
Apple patched a zero-day vulnerability (CVE-2024-27834) in Safari that was exploited at the Pwn2Own hacking competition. The vulnerability allowed an attacker to bypass Pointer Authentication Codes (PACs) and potentially execute remote code.
Cyware News – Latest Cyber News – Read More
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
The post 400,000 Linux Servers Hit by Ebury Botnet appeared first on SecurityWeek.
SecurityWeek – Read More