AI/MLGoogle’s Big Sleep LLM agent discovers exploitable bug in SQLiteLaura FrenchNovember 4, 2024The Gemini 1.5 Pro-driven agent used variant analysis to discover the stack buffer underflow flaw.
Network SecurityFCA urges firms to boost operational resilience post-CrowdStrike disruptionDan RaywoodNovember 4, 2024According to the UK's FCA, third-party related issues were the leading cause of operational incidents reported between 2022 and 2023.
RansomwareRhysida ransomware attack on Columbus claimed 500K victimsSteve ZurierNovember 4, 2024Columbus, Ohio, confirms 500,000 residents affected after dropping lawsuit against whistleblower.
IdentityMickey Mouse operation hacked by former employeeShaun NicholsNovember 1, 2024A disgruntled former Disney worker stands accused of illegally hacking the company’s systems and harassing its workers
Critical Infrastructure SecurityCISA Director Easterly seeks to quell concerns about election securityLaura FrenchNovember 1, 2024Easterly addressed ballot security, disinformation and voter databases in public comments this week.
IdentityMicrosoft credentials pilfered by APT Storm via botnet spray-and-pray router attackSteve ZurierNovember 1, 2024Password spray attacks on compromised SOHO routers underscore the need for security pros to lock down remote workers.
PhishingFake product listings on real shopping sites lead to stolen payment informationLaura FrenchOctober 31, 2024The “Phish ‘n’ Ships” threat operation has infected more than 1,000 websites and has possibly stolen tens of millions of dollars.
Network SecurityMalware operators use copyright notices to lure in businessesShaun NicholsOctober 31, 2024The threat of a copyright infringement claim has become the latest way for malware operators to trick their targets.
Cloud SecurityEmeraldWhale steals 15,000 credentials from exposed Git configurationsSteve ZurierOctober 31, 2024In a twist, more than 1 terabyte of data was stored in the S3 bucket of a previous victim.
RansomwareNorth Korean nation-state threat actor using Play ransomwareLaura FrenchOctober 30, 2024The “Jumpy Pisces” cyberespionage group appeared to provide initial access for ransomware deployment.
CISO Top 10 Priorities for Q3 2024: Navigating Cybersecurity’s Evolving ChallengesBill BrennerNovember 1, 2024