'

NSA, CISA & FBI Released Best Practices For AI Security Deployment 2024

In a groundbreaking move, the U.S. Department of Defense has released a comprehensive guide for organizations deploying and operating AI systems designed and developed byanother firm. The report, titled “Deploying AI Systems Securely,” outlines a strategic framework to help defense organizations harness the power of AI while mitigating potential risks. The report was authored by … Read more

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Hacker Customize LockBit 3.0 Ransomware to Attack Orgs Worldwide

Cybersecurity researchers at Kaspersky have uncovered evidence that cybercriminal groups are customizing the virulent LockBit 3.0 ransomware for targeted attacks against organizations worldwide. This allows the threat actors to tailor the malware for maximum impact and effectiveness against specific targets. The findings come from the researcher’s analysis of the leaked LockBit 3.0 builder, which first … Read more

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

LightSpy Hackers Indian Apple Device Users to Steal Sensitive Data

The revival of the LightSpy malware campaign has been observed, focusing on Indian Apple device users. This sophisticated mobile spyware, suspected to have origins in China, is being used for espionage, targeting a select group of individuals, including journalists, activists, politicians, and diplomats across Southern Asia. The implications of such targeted attacks are vast, raising … Read more

LightSpy Malware Attacking Android and iOS Users

LightSpy Malware Attacking Android and iOS Users

A new malware known as LightSpy has been targeting Android and iOS users. This sophisticated surveillance tool raises alarms across the cybersecurity community due to its extensive capabilities to exfiltrate sensitive user data. LightSpy is a modular malware implant designed to infiltrate mobile devices. With variants for both Android and iOS platforms, it represents a … Read more

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild

In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the PAN-OS operating system, has already been exploited in a limited number of attacks, raising alarms across the cybersecurity community. CVE-2024-3400 is classified under CWE-77, which pertains to the improper neutralization of … Read more

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers

The software supply chain is filled with various challenges, such as untracked security vulnerabilities in open-source components and inconsistent update uptake.  The lighttpd vulnerability was silently fixed in 2018 without any CVE assignment in a single instance of vulnerability detection. As a result, critical security patches are often lost on downstream software that relies on … Read more

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

Hackers Employ Deepfake Technology To Impersonate as LastPass CEO

A LastPass employee recently became the target of an attempted fraud involving sophisticated audio deepfake technology. This incident underscores the urgent need for heightened cybersecurity awareness and the implementation of robust verification processes within organizations. The Rise of Deepfake Technology Deepfake technology, which employs generative artificial intelligence to create hyper-realistic audio or visual content, has … Read more

Sisence Data Breach, CISA Urges To Reset Login Credentials

Sisence Data Breach, CISA Urges To Reset Login Credentials

In response to a recent data breach at Sisense, a provider of data analytics services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) advised customers to reset their login credentials. Sisense’s AI and machine learning-driven analytics platform is used for data collection and analysis by various industries, including healthcare, technology, manufacturing, and finance. In this case, … Read more

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN

DuckDuckGo has launched Privacy Pro, a new subscription service that promises to enhance user privacy across the web. This innovative offering combines a VPN service with additional privacy features integrated into DuckDuckGo’s existing privacy-focused browser. A Closer Look at Privacy Pro’s Features DuckDuckGo’s Privacy Pro is not just another VPN. It’s a comprehensive privacy solution … Read more