As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products –
Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
“A local non-privileged user can make improper GPU memory
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 08:08:142024-06-11 08:08:14Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
These issues highlight the need for a new approach to privacy in cloud AI, one that goes beyond simple trust and provides users with robust, verifiable privacy guarantees.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 02:07:332024-06-11 02:07:33Apple’s PCC an ambitious attempt at AI privacy revolution
A threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.
VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-10 22:09:222024-06-10 22:09:22A Look at the Riskiest Connected Devices of 2024
Elon Musk threatens to ban Apple devices at his companies over OpenAI integration, as cybersecurity experts warn of potential security risks in the tech giants’ AI arms race.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-10 22:09:212024-06-10 22:09:21Elon Musk threatens Apple ban over OpenAI integration, cybersecurity experts raise alarms
Apple’s new partnership with OpenAI brings advanced AI to iOS, but Microsoft’s strategic moves with OpenAI suggest a complex power struggle in the tech industry.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-10 21:08:062024-06-10 21:08:06Apple’s OpenAI partnership: A boost for Siri or a trojan horse for Microsoft?
Pseudonymous masking has made credit card transactions more secure, but Visa has even greater plans for tokenization: giving users control of their data.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-10 20:09:082024-06-10 20:09:08Tokenization Moves Beyond Payments to Personal Privacy
The tranche of data, lifted from underprotected GitHub repositories, reportedly includes source code, though the country’s paper of record has not yet confirmed the nature of the data accessed.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-10 20:09:082024-06-10 20:09:08New York Times Internal Data Nabbed From GitHub
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Snowflake Breach Exposes 165 Customers’ Data in Ongoing Extortion Campaign
/in General NewsAs many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the
The Hacker News – Read More
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
/in General NewsArm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products –
Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
“A local non-privileged user can make improper GPU memory
The Hacker News – Read More
Apple’s PCC an ambitious attempt at AI privacy revolution
/in General NewsThese issues highlight the need for a new approach to privacy in cloud AI, one that goes beyond simple trust and provides users with robust, verifiable privacy guarantees.Read More
Security News | VentureBeat – Read More
Snowflake Cloud Accounts Felled by Rampant Credential Issues
/in General NewsA threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.
darkreading – Read More
A Look at the Riskiest Connected Devices of 2024
/in General NewsVoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.
darkreading – Read More
Microsoft Modifies ‘Recall’ AI Feature Amid Privacy, Security Failings
/in General NewsIn response to recent public outcry, Recall is getting new security accouterments. Will that be enough to quell concerns?
darkreading – Read More
Elon Musk threatens Apple ban over OpenAI integration, cybersecurity experts raise alarms
/in General NewsElon Musk threatens to ban Apple devices at his companies over OpenAI integration, as cybersecurity experts warn of potential security risks in the tech giants’ AI arms race.Read More
Security News | VentureBeat – Read More
Apple’s OpenAI partnership: A boost for Siri or a trojan horse for Microsoft?
/in General NewsApple’s new partnership with OpenAI brings advanced AI to iOS, but Microsoft’s strategic moves with OpenAI suggest a complex power struggle in the tech industry.Read More
Security News | VentureBeat – Read More
Tokenization Moves Beyond Payments to Personal Privacy
/in General NewsPseudonymous masking has made credit card transactions more secure, but Visa has even greater plans for tokenization: giving users control of their data.
darkreading – Read More
New York Times Internal Data Nabbed From GitHub
/in General NewsThe tranche of data, lifted from underprotected GitHub repositories, reportedly includes source code, though the country’s paper of record has not yet confirmed the nature of the data accessed.
darkreading – Read More