Recent Security News
-
Mirai we go again: Zero-day flaws see routers and cameras co-opted into botnet
November 23, 2023 at 03:29AM Akamai has discovered two zero-day vulnerabilities that are being exploited to distribute the Mirai malware and create botnets for DDoS attacks. The vulnerabilities target routers and network video recorders from two vendors, and the devices’ default passwords are being used. Akamai’s Security Intelligence Response Team has not disclosed the affected…
-
Generative AI Takes on SIEM
November 23, 2023 at 02:32AM Vendors are incorporating generative AI into their security platforms, making it easier for security analysts to perform their tasks. IBM plans to upgrade its QRadar SIEM platform with generative AI capabilities next year. In addition, Crowdstrike’s Falcon Raptor platform will include Charlotte AI, which provides natural language responses to user…
-
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
November 23, 2023 at 01:06AM North Korean threat actor Diamond Sleet is using a trojanized version of a legitimate app developed by CyberLink in a supply chain attack. The poisoned file, hosted on CyberLink’s infrastructure, downloads a second-stage payload. The campaign has affected over 100 devices in Japan, Taiwan, Canada, and the U.S. Microsoft has…
-
New Relic warns customers it’s experienced a cyber … something
November 23, 2023 at 12:03AM New Relic, a web tracking and analytics company, issued a security advisory to its customers about a recent cyber security incident. The advisory urges customers to remain vigilant for suspicious activity, but provides no further details about the nature of the incident. New Relic assures customers that they will be…
-
North Korea makes finding a gig even harder by attacking candidates and employers
November 22, 2023 at 08:37PM Palo Alto Networks’ Unit 42 has identified two hacking schemes linked to state-sponsored actors in North Korea. The first scheme, called Contagious Interview, involves threat actors posing as job recruiters on job boards and tricking software engineers into downloading malware. The second scheme, Wagemole, sees threat actors pretending to be…