Threat Intelligence | Kimsuky shifts tactics from traditional backdoors to RDP, proxies | Laura French | February 6, 2025 | The North Korean APT group has leveraged a custom RDP Wrapper and new malware called forceCopy in recent campaigns.
AI/ML | Former Google engineer charged with stealing AI trade secrets | Shaun Nichols | February 6, 2025 | A Chinese national is facing multiple charges of economic espionage and theft of trade secrets after he was accused of stealing AI technology from Google.
Vulnerability Management | Linux kernel flaw added to CISA’s exploited vulnerabilities list | Steve Zurier | February 6, 2025 | Flaw could let attackers escalate privileges on popular Google Android and Pixel devices.
Ransomware | Ransomware payments drop 35% in 2024, first decrease since 2022 | Shaun Nichols | February 5, 2025 | The first half of 2024 recorded an increase in ransomware payouts.
Vulnerability Management | Veeam Updater receives update for critical RCE flaw | Laura French | February 5, 2025 | The vulnerability affects Veeam Backup for Salesforce, AWS, Microsoft Azure, Google Cloud and more.
Network Security | Infostealers targeting macOS jumped by 101% in second half of 2024 | Steve Zurier | February 5, 2025 | While infostealers are often seen as less dangerous compared with trojans, they can exfiltrate sensitive data, leading to data breaches.
AI/ML | Microsoft fixes CVSS 9.9 vulnerability in Azure AI Face service | Laura French | February 4, 2025 | The flaw enabled authentication bypass by spoofing, with a proof-of-concept exploit available.
Network Security | CISA, international agencies offer guidance on edge threats | Shaun Nichols | February 4, 2025 | CISA posted a set of guidelines aimed at helping companies better secure the commonly used devices.
Vulnerability Management | FlexibleFerret malware targets the macOS via North Korea job campaign | Steve Zurier | February 4, 2025 | New malware strain a continuation of the North Korean Contagious Interview job lure campaign first described last December.
AI/ML | Google reveals Gemini AI use by more than 40 state-sponsored APTs | Laura French | February 3, 2025 | Iran-backed groups were the most prolific adversarial users, while North Korean APTs used the LLM for likely IT worker scams.
Build a vulnerability management program with internet exposure in mind | Aaron Unterberger | February 5, 2025