Open source repositories are critical to running and writing modern applications, but be careful: carelessness could detonate landmines and inject backdoors and vulnerabilities into software infrastructures. IT departments and project…
Category: Cyber Security
Creating safety through randomness
When you walk into Cloudflare’s San Francisco office, the first thing you notice is a wall of lava lamps. Visitors often stop to take selfies, but the peculiar installation is…
Microsoft confirms that Russian hackers stole source code and some customer secrets
09 March 2024PressroomCyber attack/threat intelligence Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight storm (also known as APT29 or Cozy Bear) managed to access some of…
South Korean police use deepfake detection tool ahead of election
Amid the sharp rise in politically motivated deepfakes, South Korea’s National Police Agency (KNPA) has developed and implemented a tool to detect AI-generated content for use in potential criminal investigations.…
Broke Cyber professionals flock to the cybercrime side
Cyber security professionals find it more interesting to take their talents to the Dark Web and earn money working on the offensive side of cybercrime. This puts businesses in a…
A Google engineer steals AI trade secrets for Chinese companies
The US Department of Justice has accused a former Google software engineer of stealing AI-related trade secrets from the company, with the aim of using them in two AI-related companies…
Atlassian Confluence exploits drop Web Shell in memory
New proof-of-concept (PoC) exploits are circulating for a widely targeted flaw in Atlassian Confluence Data Center and Confluence Server. New attack vectors could allow an attacker to stealthily execute arbitrary…
CISA warns of actively exploited JetBrains TeamCity vulnerability
08 March 2024PressroomVulnerabilities/Threat Intelligence The US Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its catalog of known exploited…
Russian-sponsored cyber attackers infiltrate Microsoft’s code base
The Russian state-sponsored Advanced Persistent Threat (APT) group known as Midnight Blizzard stole Microsoft’s source code after accessing internal repositories and systems, as part of an ongoing series of attacks…
QEMU emulator exploited as a tunneling tool to breach the corporate network
08 March 2024PressroomEndpoint Security/Network Security Threat actors have been observed leveraging the open source hardware emulator QEMU as tunneling software during a cyberattack against an unnamed “large enterprise” to connect…