Microsoft on Thursday revealed that it's delaying the rollout of the controversial artificial intelligence (AI)-powered Recall feature for Copilot+ PCs.
To that end, the company said it intends to shift from general availability preview available first in the Windows Insider Program (WIP) in the coming weeks.
"We are adjusting the release model for Recall to leverage the expertise of the WindowsView the full article
The security risks posed by the Pickle format have once again come to the ***** with the discovery of a new "hybrid machine learning (ML) model exploitation technique" dubbed Sleepy Pickle.
The ******* method, per Trail of Bits, weaponizes the ubiquitous format used to package and distribute machine learning (ML) models to corrupt the model itself, posing a severe supply chain risk to anView the full article
The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps to deliver a spyware strain dubbed AridSpy.
"The malware is distributed through dedicated websites impersonating various messaging apps, a job opportunity app, and a ************ Civil Registry app," ESET researcher Lukáš Štefanko said in a report published today. "OftenView the full article
Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initialView the full article
Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018.
The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin.
TheView the full article
The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer.
"The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade detection," security researchers Nicole Fishbein and Ryan Robinson said inView the full article
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups.
The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs.
The product is believed to have beenView the full article
Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day.
The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware.
The company did not share any additional details related to the nature of attacks exploiting it, but noted "there are indications that CVE-2024-32896 may beView the full article
A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by ********-speaking threat actors either for espionage or cybercrime for years.
While this ********* was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this ********* is not merely a variant of existing malware, but is a new type altogether."View the full article
Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency.
Cloud security firm Wiz, which shed light on the activity, said it's an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023.
"In this incident, the threat actor abused anonymous access to anView the full article
Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company's clientele, igniting a firestorm of concern and outrage.
A massive data breach
Let’sView the full article
Threat actors linked to the ****** Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec.
The security flaw in question is CVE-2024-26169 (CVSS score: 7.8), an elevation of privilege bug in the Windows Error Reporting Service that could be exploited to achieve SYSTEMView the full article
Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based ********* named WARMCOOKIE.
"WARMCOOKIE appears to be an initial ********* tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis. "Each sample is compiledView the full article
State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known.
"The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed theView the full article
Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024.
Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month.
None of the security flaws have been actively exploited in the wild, with one of them listed asView the full article
Managed service providers (MSPs) are on the front lines of soaring demand for cybersecurity services as cyberattacks increase in volume and sophistication. Cynet has emerged as the security vendor of choice for MSPs to capitalize on existing relationships with SMB clients and profitably expand their client base. By unifying a full suite of cybersecurity capabilities in a simple, cost-effectiveView the full article
Cybersecurity researchers have shed more light on a ******** actor codenamed SecShow that has been observed conducting Domain Name System (DNS) on a global scale since at least June 2023.
The adversary, according to Infoblox security researchers Dr. Renée Burton and Dave Mitchell, operates from the China Education and Research Network (CERNET), a project funded by the ******** government.
"TheseView the full article
One of the most effective ways for information technology (IT) professionals to uncover a company’s weaknesses before the bad guys do is ************ testing. By simulating real-world cyberattacks, ************ testing, sometimes called pentests, provides invaluable insights into an organization’s security posture, revealing weaknesses that could potentially lead to data breaches or other securityView the full article
Apple has announced the launch of a "groundbreaking cloud intelligence system" called Private Cloud Compute (PCC) that's designed for processing artificial intelligence (AI) tasks in a privacy-preserving manner in the cloud.
The tech giant described PCC as the "most advanced security architecture ever deployed for cloud AI compute at scale."
PCC coincides with the arrival of new generative AI (View the full article
Cybersecurity researchers have uncovered an updated version of malware called ValleyRAT that's being distributed as part of a new campaign.
"In the latest version, ValleyRAT introduced new commands, such as capturing screenshots, process filtering, forced shutdown, and clearing Windows event logs," Zscaler ThreatLabz researchers Muhammed Irfan V A and Manisha Ramcharan Prajapati said.
ValleyRATView the full article
As many as 165 customers of Snowflake are said to have had their information potentially exposed as part of an ongoing campaign designed to facilitate data theft and extortion, indicating the operation has broader implications than previously thought.
Google-owned Mandiant, which is assisting the cloud data warehousing platform in its incident response efforts, is tracking theView the full article
Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild.
Tracked as CVE-2024-4610, the use-after-free issue impacts the following products -
Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0)
Valhall GPU Kernel Driver (all versions from r34p0 to r40p0)
"A local non-privileged user can make improper GPU memoryView the full article
Cybersecurity researchers have spotted a phishing ******* distributing the More_eggs malware by masquerading it as a resume, a technique originally detected more than two years ago.
The *******, which was unsuccessful, targeted an unnamed company in the industrial services industry in May 2024, ********* cybersecurity firm eSentire disclosed last week.
"Specifically, the targeted individual was aView the full article
Staying Sharp: Cybersecurity CPEs Explained
Perhaps even more so than in other professional domains, cybersecurity professionals constantly face new threats. To ensure you stay on top of your game, many certification programs require earning Continuing Professional Education (CPE) credits. CPEs are essentially units of measurement used to quantify the time and effort professionals spend onView the full article
Microsoft is warning about the potential ****** of Azure Service Tags by malicious actors to forge requests from a trusted service and get around firewall rules, thereby allowing them to gain unauthorized access to cloud resources.
"This case does highlight an inherent risk in using service tags as a single mechanism for vetting incoming network traffic," the Microsoft Security Response Center (View the full article
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
