https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 12:07:532024-06-11 12:07:53Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices
Apple has announced the launch of a “groundbreaking cloud intelligence system” called Private Cloud Compute (PCC) that’s designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud.
The tech giant described PCC as the “most advanced security architecture ever deployed for cloud AI compute at scale.”
PCC coincides with the arrival of new generative AI (
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 11:08:342024-06-11 11:08:34Apple Integrates OpenAI’s ChatGPT into Siri for iOS, iPadOS, and macOS
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 10:09:022024-06-11 10:09:02Xona Raises $18 Million for OT Remote Access Platform
Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that’s being distributed as part of a new campaign.
“In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs,” Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said.
ValleyRAT
As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products –
Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
“A local non-privileged user can make improper GPU memory
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 08:08:142024-06-11 08:08:14Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
These issues highlight the need for a new approach to privacy in cloud AI, one that goes beyond simple trust and provides users with robust, verifiable privacy guarantees.Read More
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-06-11 02:07:332024-06-11 02:07:33Apple’s PCC an ambitious attempt at AI privacy revolution
A threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver
/in General NewsSAP has released 10 new security notes on June 2024 Security Patch Day, including two addressing high-severity vulnerabilities.
The post SAP Patches High-Severity Vulnerabilities in Financial Consolidation, NetWeaver appeared first on SecurityWeek.
SecurityWeek – Read More
Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices
/in General NewsForescout’s 2024 analysis of the riskiest devices highlights vulnerabilities and threat actor interactions across IT, IoT, OT, and IoMT.
The post Dangerous Liaisons: The Interaction Between Threat Actors and High-Risk Devices appeared first on SecurityWeek.
SecurityWeek – Read More
Apple Integrates OpenAI’s ChatGPT into Siri for iOS, iPadOS, and macOS
/in General NewsApple has announced the launch of a “groundbreaking cloud intelligence system” called Private Cloud Compute (PCC) that’s designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud.
The tech giant described PCC as the “most advanced security architecture ever deployed for cloud AI compute at scale.”
PCC coincides with the arrival of new generative AI (
The Hacker News – Read More
Xona Raises $18 Million for OT Remote Access Platform
/in General NewsOT zero trust user access platform provider Xona has raised $18 million, which brings its total investment to $32 million.
The post Xona Raises $18 Million for OT Remote Access Platform appeared first on SecurityWeek.
SecurityWeek – Read More
Arm Warns of Exploited Kernel Driver Vulnerability
/in General NewsArm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.
The post Arm Warns of Exploited Kernel Driver Vulnerability appeared first on SecurityWeek.
SecurityWeek – Read More
China-Linked ValleyRAT Malware Resurfaces with Advanced Data Theft Tactics
/in General NewsCybersecurity researchers have uncovered an updated version of malware called ValleyRAT that’s being distributed as part of a new campaign.
“In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs,” Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said.
ValleyRAT
The Hacker News – Read More
Snowflake Breach Exposes 165 Customers’ Data in Ongoing Extortion Campaign
/in General NewsAs many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking the
The Hacker News – Read More
Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
/in General NewsArm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products –
Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
“A local non-privileged user can make improper GPU memory
The Hacker News – Read More
Apple’s PCC an ambitious attempt at AI privacy revolution
/in General NewsThese issues highlight the need for a new approach to privacy in cloud AI, one that goes beyond simple trust and provides users with robust, verifiable privacy guarantees.Read More
Security News | VentureBeat – Read More
Snowflake Cloud Accounts Felled by Rampant Credential Issues
/in General NewsA threat actor has accessed data belonging to at least 165 organizations using valid credentials to their Snowflake accounts, thanks to no MFA and poor password hygiene.
darkreading – Read More