Recent Security News
-
Microsoft, OpenAI: Nation-States Are Weaponizing AI in Cyberattacks
February 14, 2024 at 05:26PM Major world powers are increasingly utilizing large language models to bolster their offensive cyber capabilities, marking a shift from theory to practical application in this field. From the meeting notes, it is clear that the world’s major powers are actively utilizing large language models to bolster their offensive cyber operations.…
-
New critical Microsoft Outlook RCE bug is trivial to exploit
February 14, 2024 at 05:02PM Microsoft has identified a critical security vulnerability, CVE-2024-21413, in Outlook that allows remote unauthenticated attackers to exploit it, leading to remote code execution and the theft of NTLM credentials. The flaw bypasses Protected View and can be exploited through the Preview Pane, affecting multiple Office products. Check Point revealed a…
-
Prudential Files Voluntary Breach Notice With SEC
February 14, 2024 at 04:14PM Prudential Financial disclosed a data breach after detecting unauthorized access to its systems by a cybercrime group. The move is seen as a proactive response to the new SEC incident-disclosure rules. While the impact is yet to be determined, experts suggest it’s a strategic effort to mitigate reputational and financial…
-
China’s Volt Typhoon spies broke into emergency network of ‘large’ US city
February 14, 2024 at 04:05PM Chinese government’s Volt Typhoon spy team has compromised a US city’s emergency services network and is targeting American telecom providers alongside ongoing reconnaissance of electric companies. Dragos CEO Robert Lee expressed concern over the strategic nature of the targets. The espionage extends to African electric providers, and the spies have…
-
Zoom patches critical privilege elevation flaw in Windows apps
February 14, 2024 at 03:41PM Zoom’s Desktop and VDI clients and Meeting SDK for Windows are affected by an improper input validation flaw, allowing unauthenticated attackers to conduct privilege escalation. The flaw, tracked as CVE-2024-24691 with a critical rating, impacts specific product versions. Users are advised to update to the latest version to address this…