AI/MLML clients, ‘safe’ model formats exploitable through open-source AI vulnerabilitiesLaura FrenchDecember 6, 2024Four flaws in open-source machine learning tools could lead to code execution or path traversal.
Governance, Risk and ComplianceFCC to telecoms: Secure your networks from hacks like China’s Salt TyphoonSteve ZurierDecember 6, 2024There’s bipartisan support for a tougher stance on China’s attacks on U.S. telecoms, including issuing stiff fines.
Data SecurityChemonics discloses months-long breach affecting 263K peopleLaura FrenchDecember 5, 2024The major USAID contractor says unauthorized access continued up to 25 days after the intrusion was first detected.
Network SecurityBlueAlpha Russian hackers caught abusing CloudFlare servicesShaun NicholsDecember 5, 2024A notorious Kremlin-backed hacking group is using a legitimate network service to coordinate targeted attacks.
Network SecurityExchange Servers targeted in intel-gathering op on US company in ChinaSteve ZurierDecember 5, 2024China-based threat actor targeted Exchange servers, suggesting they aimed to gather intelligence by harvesting emails.
Cloud SecurityAbuse of Cloudflare domains for phishing doubled in 2024, report saysLaura FrenchDecember 4, 2024Attackers leverage the Cloudflare Pages and Workers services to disguise and enhance their malicious sites.
Network SecurityMeta: Russia tops disinformation ops, followed by Iran and ChinaShaun NicholsDecember 4, 2024Russia still tops the world in disinformation campaigns, even as other countries are stepping up their own operations.
Network SecurityVeeam patches bugs in VSPC, one leading to remote code executionSteve ZurierDecember 4, 2024In patching a 9.9 bug and a high-severity flaw, Veeam said the only available remedy is to apply the patches.
Women in IT SecurityWomen in cyber: Tammy Klotz’s impact (video)SC StaffDecember 4, 2024Meet the mentor transforming cybersecurity culture: Tammy Klotz.
RansomwareStoli Group USA files for bankruptcy after ransomware attackLaura FrenchDecember 3, 2024The vodka distributor cited the cyberattack, legal battles with Russia and macroeconomic issues in its filing.