Recent Security News
-
Unpatched Critical Vulnerabilities Open AI Models to Takeover
November 28, 2023 at 03:53AM Researchers have discovered multiple critical vulnerabilities in the infrastructure used by AI models, exposing companies to risk as they adopt AI technology. The affected platforms include Ray, MLflow, ModelDB, and H20 version 3. The vulnerabilities could allow attackers unauthorized access to AI models and the network. Companies must prioritize security…
-
Despite Hype, the Password-Free Workplace Is Still a Long Way Off
November 28, 2023 at 03:53AM Despite the increasing security risk, passwords are still prevalent in the workplace, with organizations slowly transitioning to passwordless technology. According to a survey, 30% have started the transition, while 36% are one to two years away, and 21% are three to four years away. Weak password practices contribute to the…
-
India’s CERT given exemption from Right To Information requests
November 28, 2023 at 01:38AM India’s Computer Emergency Response Team (CERT-In) has been granted immunity from Right To Information (RTI) requests. The reasons for the exemption are unknown, but it comes after an embarrassing incident where an RTI request revealed low compliance with CERT-In’s infosec incident reporting requirements. This move has been criticized by the…
-
N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection
November 28, 2023 at 12:06AM The Lazarus Group, a North Korean threat actor, has been observed combining elements from two separate macOS malware strains, RustBucket and KANDYKORN. They are using RustBucket droppers to deliver the KANDYKORN malware. Another macOS-specific malware called ObjCShellz has also been linked to the RustBucket campaign by cybersecurity firm SentinelOne. This…