THE Government Accountability Office (GAO) recently conducted a study on operational technology (OT) products and services provided by CISA and found that some teams were inadequately staffed. CISA is the…
Category: Cyber Security
“Magnet Goblin” exploits Ivanti’s one-day bug in just a few hours
While threat actors focused on Ivanti edge devices earlier this year, one of them moved faster than the others, deploying a one-day exploit the day after its public disclosure. Of…
AI models take off, leaving security behind
As companies rush to develop and test artificial intelligence and machine learning (AI/ML) models in their products and daily operations, model security is often an afterthought, leaving companies at risk…
A cyber attack targets regulators’ database in South Africa
Sensitive data on businesses and individuals in South Africa remains at risk following a recent cyber attack on the Companies and Intellectual Property Commission (CIPC). The CIPC, which manages the…
South Korean citizen detained in Russia on charges of cyber espionage
March 12, 2024PressroomEspionage/cyber threat Russia has arrested a South Korean citizen for the first time on charges of cyber espionage and transferred him from Vladivostok to Moscow for further investigation.…
How to Identify a Cyber Adversary: Standards of Evidence
COMMENT Part one of a two-part article. In cybersecurity, attribution refers to identifying an adversary (not just the person) likely responsible for malicious activity. It typically results from the collection…
These PyPI Python packages can drain your crypto wallets dry
March 12, 2024News about hackersCryptocurrency/Cybercrime Threat hunters have discovered a set of seven packages in the Python Package Index (PyPI) repository designed to steal BIP39 mnemonic phrases used to recover…
CTEM 101 – Go beyond vulnerability management with continuous threat exposure management
March 12, 2024News about hackersCTEM/Vulnerability Management In a world of ever-expanding jargon, adding another FLA (four-letter acronym) to your glossary might seem like the last thing you want to do.…
Google’s Gemini AI is vulnerable to content manipulation
For all its guardrails and security protocols, Google’s Gemini Large Language Model (LLM) is as susceptible as its counterparts to attacks that could cause it to generate malicious content, disclose…
A malware campaign uses the WordPress pop-up plugin to infect over 3,900 sites
March 12, 2024PressroomWordPress/Website Security A new malware campaign is exploiting a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the…