Security News > 2024 > July

Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec. This C2 framework works by creating a custom Outlook Home Page using WebView by exploiting CVE-2017-11774, an Outlook security feature bypass vulnerability patched in October 2017.

Prompt-Guard-86M, introduced by Meta last week in conjunction with its Llama 3.1 generative model, is intended "to help developers detect and respond to prompt injection and jailbreak inputs," the social network giant said. Makers of AI models build filtering mechanisms called "guardrails" to catch queries and responses that may cause harm, such as those revealing sensitive training data on demand.

While CrowdStrike has since deployed a fix, it's understandable for businesses to be wary of CrowdStrike as a viable EDR provider given the scale of the incident. In this article, we take a look at the best CrowdStrike alternatives and competitors for you and your organization.

US border agents must obtain a warrant, in New York at least, to search anyone's phone and other electronic devices when traveling in or out of the country, another federal judge has ruled. Judge Nina Morrison of the Eastern District of New York issued a decision last week that Customs and Border Patrol officials need a warrant to search citizens' and non-citizens' electronics in all but the most exceptional of circumstances.

Apple has released the iOS 18.1 Beta to developers, allowing them to test some of its upcoming AI-powered Apple Intelligence features before they are released for testing in the public previews. Apple Intelligence was first unveiled at the company's 2024 Worldwide Developer Conference, revealing Apple's AI strategy for upcoming devices.

Apple is the latest addition to the list of public U.S. companies that made voluntary commitments to AI regulations, the White House announced on July 26. The addition of Apple is "further cementing these commitments as cornerstones of responsible AI innovation," the White House stated in a press release.

The three men, Raymond Bradley "Brad" Pearce, Dusti O. Pearce, and Jason M. Hines, were also ordered to forfeit large amounts of money as part of their sentencing, ranging from $2 to $4 million. "According to court documents, Brad and Dusti Pearce conspired with Hines to commit wire fraud in a scheme that involved generating and then selling unauthorized Avaya Direct International software licenses," reads a Department of Justice announcement.

Microsoft warned today that ransomware gangs are actively exploiting a VMware ESXi authentication bypass vulnerability in attacks. Ransomware groups have focused on creating lockers dedicated to encrypting ESXi VMs rather than targeting specific ESXi vulnerabilities that would provide them a quicker way of acquiring and maintaining access to a victim's hypervisors.

Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects as well. As CrowdStrike was forced to explain, in great detail, how it rolls out updates for its Falcon Sensors, what testing it performs beforehand, and how it plans to improve the whole process to prevent similar accidents from happening in the future, other cybersecurity vendors, such as Fortinet, Secureworks, and Bitdefender, have spelled out their own software and content update release processes.

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure product has been exploited in the wild. The flaw impacts the following versions of Acronis Cyber Infrastructure -.