🎉Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 67 vulnerabilities disclosed in 60 WordPress Plugins and no WordPress…
Tag: EN
Multichain Inferno Drainer Abuse Web3 Protocols To Connect Crypto Wallets
A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, ‘Inferno Drainer’, a well-known multichain cryptocurrency drainer, was operational under the scam-as-a-service paradigm. On sophisticated…
AI trends: A closer look at machine learning’s role
The hottest technology right now is AI — more specifically, generative AI. The trend is so popular that every conference and webinar speaker feels obligated to mention some form of AI, no matter their field. The innovations and risks that…
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam
By: Oded Vanunu, Dikla Barda, Roman Zaikin Main Highlights: 1. Sophisticated Scam Targeting Token Holders: Over 100 popular projects’ token holders targeted with fake NFT airdrops appearing from reputable sources. 2. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims…
Drupal Releases Security Advisory for Drupal Core
Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-CORE-2024-001 for more information and…
Google TAG warns that Russian COLDRIVER APT is using a custom backdoor
Google warns that the Russia-linked threat actor COLDRIVER expands its targeting and is developing a custom malware. The ColdRiver APT (aka “Seaborgium“, “Callisto”, “Star Blizzard”, “TA446”) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and…
Software Supply Chain Security Startup Kusari Raises $8 Million
Kusari has raised $8 million to help organizations gain visibility into and secure their software supply chain. The post Software Supply Chain Security Startup Kusari Raises $8 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS…
Data is the Missing Piece in the AI Jigsaw, Here’s How to Bridge the Gap
The skills gap that is stifling development in artificial intelligence (AI) is well documented, but another aspect stands out: data complexity. According to a new IBM study, the most common barriers to AI success are limited AI skills and…
Addressing Deceptive AI: OpenAI Rival Anthropic Uncovers Difficulties in Correction
There is a possibility that artificial intelligence (AI) models can be trained to deceive. According to a new research led by Google-backed AI startup Anthropic, if a model exhibits deceptive behaviour, standard techniques cannot remove the deception and create…
N-able MDR ingests data from existing security and IT tools
N-able continues to advance its security suite with the launch of N-able Managed Detection and Response (MDR). This latest addition to the N-able security suite combines a powerful security operations platform with expert services, giving MSPs a broad range of…
Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot
Users exposing poorly secured PostgreSQL and MySQL servers online are in danger of getting their databases wiped by a ransomware bot, Border0 researchers are warning. The attackers asks for a small sum to return / not publish the data, but…
‘Stablecoins’ Enabled $40 Billion in Crypto Crime Since 2022
A new report from Chainalysis finds that stablecoins like Tether, tied to the value of the US dollar, were used in the vast majority of crypto-based scam transactions and sanctions evasion in 2023. This article has been indexed from Security…
Are You Ready for PCI DSS 4.0?
The Payment Card Industry Data Security Standard (PCI DSS) is the global benchmark for ensuring companies that handle credit card information maintain a secure environment. It provides a framework to help organizations protect sensitive cardholder data from theft and secure…
Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions
Organizations can earn up to $3 million in federal funding for cyber tools securing the clean energy infrastructure. The post Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions appeared first on SecurityWeek. This article has been indexed…
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information. The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek. This article has been…
SOC-as-a-Service: The Five Must-Have Features
SOCs are one of the most important functions of an organization’s security defenses, but they are also a heavy drain on resources. The post SOC-as-a-Service: The Five Must-Have Features appeared first on Security Boulevard. This article has been indexed from…
Oleria raises $33 million to accelerate its product innovation
Oleria has raised $33.1 million in a Series A funding round. This latest investment, which brings the company’s total funding to over $40 million, is led by Evolution Equity Partners with participation from Salesforce Ventures, Tapestry VC, and Zscaler. This…
Google TAG: Kremlin cyber spies move into malware with a custom backdoor
The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Russian cyberspies linked to the Kremlin’s Federal Security Service (FSB) are moving beyond their usual credential phishing antics and have developed a custom backdoor that they started…
Google says Russian espionage crew behind new malware campaign
Google researchers say they have evidence that a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware. Cold River, also known as “Callisto Group” and “Star Blizzard,”…
How AI-Powered Security Capabilities Implement Real-Time Cybersecurity
Palo Alto Networks and Accenture are leaders at the forefront of security technology and operations, using AI to help clients stay ahead of cyberthreats. The post How AI-Powered Security Capabilities Implement Real-Time Cybersecurity appeared first on Palo Alto Networks Blog.…