Attacker Targets Hadoop YARN, Flint Servers in Stealthy Campaign

The adversary is exploiting two known misconfigurations in the big data technologies to drop a Monero cryptominer.

darkreading – ​Read More

CES 2024: Will the Coolest New AI Gadgets Protect Your Privacy?

Consumer electronics manufacturers are innovating fast. Regulators are slow to keep up. Data privacy is in the balance.

darkreading – ​Read More

Mandiant’s X Account Was Hacked Using Brute-Force Attack

The compromise of Mandiant’s X (formerly Twitter) account last week was likely the result of a “brute-force password attack,” attributing the hack to a drainer-as-a-service (DaaS) group.
“Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X’s 2FA policy, we were not adequately protected,” the threat intelligence firm said 

The Hacker News – ​Read More

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers.
Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178

The Hacker News – ​Read More

Mullvad VPN Review (2023): Features, Pricing, Security & Speed

While its small server suite may be a dealbreaker, Mullvad VPN’s strong focus on privacy sets it apart from other VPNs on the market. Read more below.

Security | TechRepublic – ​Read More

Job hunter’s guide to the top cybersecurity companies hiring in 2024

There’s a growing disconnect between the reality of finding a new job in cybersecurity and the double-digit growth rates that typify cybersecurity job forecasts that predict a hiring crisis.Read More

Security News | VentureBeat – ​Read More

Bitcoin Prices Spike After SEC X Account Hack

A fraudulent post was taken down in less than 20 minutes, but that didn’t stop it from gaining over 1 million views in that short period of time.

darkreading – ​Read More

ExtraHop Banks $100M in Growth Funding, Adds New Execs

Seattle network detection and response firm secures $100 million in growth funding and adds to its executive team.

The post ExtraHop Banks $100M in Growth Funding, Adds New Execs appeared first on SecurityWeek.

SecurityWeek – ​Read More

Adapting Security to Protect AI/ML Systems

AI/ML libraries create much larger attack surfaces, and traditional IT security lacks several key capabilities for protecting them.

darkreading – ​Read More

DDoS Attack Traffic Surged in 2023, Cloudflare Finds

Distributed denial of service (DDoS) attacks reached an all-time high in 2023, with a significant increase in the number and intensity of attacks, driven by the exploitation of vulnerabilities like the HTTP/2 Rapid Reset.

Cyware News – Latest Cyber News – ​Read More