The flaws allow attackers to execute arbitrary code remotely and elevate their privileges to root on an affected system. The post Cisco Patches Critical Vulnerabilities in Contact Center Appliance appeared first on SecurityWeek.
The threat actor stole the firewall configuration files of all SonicWall customers who used the cloud backup service. The post State-Sponsored Hackers Stole SonicWall Cloud Backups in Recent Attack appeared first on SecurityWeek.
The threat actor known as Curly COMrades has been observed exploiting virtualization technologies as a way to bypass security solutions and execute custom malware. According to a new report from Bitdefender, the adversary is said to have enabled the Hyper-V role on selected victim systems to deploy a minimalistic, AlpineRead More »Hackers Weaponize Windows Hyper-V to Hide Linux VM and Evade EDR Detection
SonicWall has formally implicated state-sponsored threat actors as behind the September security breach that led to the unauthorized exposure of firewall configuration backup files. “The malicious activity – carried out by a state-sponsored threat actor – was isolated to the unauthorized access of cloud backup files from a specific cloudRead More »SonicWall Confirms State-Sponsored Hackers Behind September Cloud Backup Breach
For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon, Apple, Google and Microsoft in Cloudflare’s public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chief executive at Cloudflare says Aisuru’s overlords areRead More »Cloudflare Scrubs Aisuru Botnet from Top Domains List
Google on Wednesday said it discovered an unknown threat actor using an experimental Visual Basic Script (VB Script) malware dubbed PROMPTFLUX that interacts with its Gemini artificial intelligence (AI) model API to write its own source code for improved obfuscation and evasion. “PROMPTFLUX is written in VBScript and interacts withRead More »Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly
Google has released a report describing the novel ways in which malware has been using AI to adapt and evade detection. The post Malware Now Uses AI During Execution to Mutate and Collect Data, Google Warns appeared first on SecurityWeek.
Get practical strategies to help minimize your risk exposure, including the need for identity threat detection and mitigation. The post Webinar Today: Scattered Spider Exposed – Critical Takeaways for Cyber Defenders appeared first on SecurityWeek.
Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI’s ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users’ memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI’s GPT-4oRead More »Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data
The company plans to advance its identity exposure management capabilities and pursue M&A opportunities. The post Flare Raises $30 Million for Threat Exposure Management Platform appeared first on SecurityWeek.
