Security | News, how-tos, features, reviews, and videos
The Cyber Monitoring Centre (CMC) aims to establish a ‘consistent and objective framework’ to provide clarity to enterprise insurance buyers.
Also prioritize patches for vulnerabilities in LDAP and NTLM, as well as Hyper-V, experts say.
An international law-enforcement collaboration has taken down two Russian nationals and two unidentified women in Thailand who ran Phobos ransomware affiliate platforms.
While unpatched instances were reduced to half within a month, a huge number of them remain vulnerable even as attackers exploit the flaw in the wild for critical RCE attacks.
A critical USB restriction flaw was addressed in an emergency iOS and iPadOS update.
Cybercriminals are increasingly exploiting gen AI technologies to enhance the sophistication and efficiency of their attacks.
The deserialization flaw allows attackers to remotely execute arbitrary codes on customers’ IIS web servers.
Enterprise users are leaking sensitive corporate data through use of unauthorized and authorized generative AI apps at alarming rates. Plugging the leaks is vital to reduce risk exposure.
The popular Python Pickle serialization format, which is common for distributing AI models, offers ways for attackers to inject malicious code that will be executed on computers when loading models with PyTorch.
The insecure deserialization and authorization bypass flaws could enable attackers to escalate privileges and run arbitrary commands.