Security News > 2023 > December
The malware loader known as PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk. "PikaBot was previously only distributed...
Mortgage company Mr. Cooper has confirmed that personal information of over 14.6 million customers has been exposed in its October 2023 data breach. "On October 31, 2023, Mr. Cooper detected suspicious activity in certain network systems," the company stated in the data breach notice sent out to affected customers.
Security researchers have discovered a vulnerability in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection's security by truncating the extension negotiation message. Terrapin is a prefix truncation attack targeting the SSH protocol.
Multiple sources are confirming the resurgence of Qakbot malware mere months after the FBI and other law enforcement agencies shuttered the Windows botnet. Microsoft Threat Intelligence reckons a new Qakbot phishing campaign is active as of December 11 but attack attempts are currently low in volume.
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming...
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the...
Malicious actors can leverage prompt injection techniques to generate unintended and potentially harmful outcomes by distorting the reality in which the LLM operates. The road to implementing LLM agents, particularly those interfacing with external tools and systems, is not without challenges.
The EMBA open-source security analyzer is tailored as the central firmware analysis tool for penetration testers and product security groups. It assists throughout the security evaluation procedure, extracting firmware, conducting static and dynamic analysis through emulation, and creating a web-based report.
Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year, according to Corvus Insurance. Companies scramble to integrate immediate recovery into ransomware plans.
Cloud transformation is increasingly funded by non-IT stakeholders, emphasizing its place as a broader enterprise transformation rather than solely an IT endeavor. Only 32% of cloud initiatives are funded by IT stakeholders, challenging the perception of cloud transformation solely as an IT-centric journey.