Is There Value in Being a Certified Ethical Hacker? Research Says Yes
A new report provides a comprehensive look at the value of Certified Ethical Hacker (CEH) credentials.
Microsoft Boosts .NET Bounty Program Rewards to $40,000
Valid, complete reports detailing remote code execution or elevation of privilege bugs in .NET qualify for the maximum rewards. The post Microsoft Boosts .NET Bounty Program Rewards to $40,000 appeared first on SecurityWeek.
Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft
Russian state-sponsored APT Secret Blizzard has used ISP-level AitM attacks to infect diplomatic devices with malware. The post Russian Cyberspies Target Foreign Embassies in Moscow via AitM Attacks: Microsoft appeared first on SecurityWeek.
AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Cybersecurity researchers have flagged a malicious npm package that was generated using artificial intelligence (AI) and concealed a cryptocurrency wallet drainer. The package, @kodane/patch-manager, claims to offer “advanced license validation and registry optimization utilities for high-performance Node.js applications.” It was uploaded to npm by a user named “Kodane” on JulyRead More »AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown
Spying on People Through Airportr Luggage Delivery Service
Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able to spy on lots of wealthy or important people. AndRead More »Spying on People Through Airportr Luggage Delivery Service
You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
Just as triathletes know that peak performance requires more than expensive gear, cybersecurity teams are discovering that AI success depends less on the tools they deploy and more on the data that powers them The junk food problem in cybersecurity Imagine a triathlete who spares no expense on equipment—carbon fiberRead More »You Are What You Eat: Why Your AI Security Tools Are Only as Strong as the Data You Feed Them
Cyber Risk Management Firm Safe Raises $70 Million
Safe has raised $70 million in Series C funding to advance cyber risk management through specialized AI agents. The post Cyber Risk Management Firm Safe Raises $70 Million appeared first on SecurityWeek.
Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images
Echo received funding for creating thousands of container images that are not affected by any CVE, for enterprise-grade software infrastructure. The post Echo Raises $15M in Seed Funding for Vulnerability-Free Container Images appeared first on SecurityWeek.
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations. The framework includes at least two different types of clients, HTTP-based and Domain Name System (DNS)-based, whichRead More »Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks
Bill Aims to Create National Strategy for Quantum Cybersecurity Migration
Two US senators introduced a bipartisan bill to help prepare federal government agencies for quantum computing threats. The post Bill Aims to Create National Strategy for Quantum Cybersecurity Migration appeared first on SecurityWeek.