Security News > 2023 > December
The Chinese-speaking threat actors behind Smishing Triad have been observed masquerading as the United Arab Emirates Federal Authority for Identity and Citizenship to send malicious SMS messages...
A six-month-long international police operation codenamed HAECHI-IV has resulted in the arrests of nearly 3,500 individuals and seizures worth $300 million across 34 countries. The exercise, which...
This isn't one to panic over, because someone will need to man-in-the-middle your vulnerable connection rather than directly attack your server; it's a downgrade attack primarily rather than a decryption or command injection issue; and there are ways to immediate protect yourself from Terrapin attacks. There are three issues to be aware of: CVE-2023-48795, which is the generic exploitable protocol-level SSH vulnerability; and CVE-2023-46445 and CVE-2023-46446 specific to the Python SSH client AsyncSSH, which has an estimated 60,000 daily downloads.
A new Go-based information stealer malware called JaskaGO has emerged as the latest cross-platform threat to infiltrate both Windows and Apple macOS systems. AT&T Alien Labs, which made the...
Security teams then use more AI in response to the AI-driven threats, and threat actors augment their AI to keep up, and the cycle continues. There are trust issues with AI security solutions, and the data models used to develop AI-powered security products appear to be perennially at risk.
ImmuniWeb AI Platform has received numerous prestigious awards and industry recognitions for intelligent automation and acceleration of application security testing, which delivers better quality of testing and faster results for a more competitive price. Despite the spiraling hype over AI, triggered by the launch of ChatGPT and its now-mushrooming competitors, the current state of Machine Learning and AI does not allow security vendors to fully replace human intelligence and entirely automate penetration testing without loss of quality or reliability of testing.
In this Help Net Security video, Jay Yaneza, Cybersecurity Architect at VicOne, discusses how, in the first half of the year, cyberattacks on the automotive sector caused losses exceeding $11 billion. These attacks mainly targeted automotive suppliers, not OEMs, showing an increasing trend in supply chain vulnerabilities.
As concerns for data privacy with AI grow, companies will form their own policies while waiting for government entities to enact regulatory legislation. 88% of data leaders believe that data security will become an even higher priority in the next 12 months, ahead of AI. AI is transforming financial crime compliance.
Subdominator is a dependable and fast open-source command-line interface tool to identify subdomain takeovers. It boasts superior accuracy and reliability, offering improvements compared to other tools.
Interpol on Tuesday revealed the results of what it's dubbed Operation HAECHI IV - a six-month effort that saw 34 nations cooperate, with funding from South Korea. The majority - about three quarters - of the crime investigated by the op was business email compromise, e-commerce fraud, and investment fraud.