Recent Security News
-
GitHub Enhances Security Capabilities With AI
November 8, 2023 at 12:15PM GitHub has announced the public preview of three new AI-powered features in GitHub Advanced Security. These features include AI-generated fixes for code alerts, identification of leaked passwords, and improved security overview dashboards. Additionally, GitHub released its Octoverse report, revealing a significant increase in developers building open source generative AI projects.…
-
DHS Launches New Critical Infrastructure Security and Resilience Campaign
November 8, 2023 at 12:15PM The DHS, CISA, and FEMA have launched a new campaign called Shields Ready to help critical infrastructure organizations enhance their security and resilience. It complements the existing campaign called Shields Up and covers cyberattacks, physical security threats, and natural disasters. The initiative aims to encourage organizations to strengthen resilience and…
-
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
November 8, 2023 at 11:51AM The FBI warns that ransomware threat actors are targeting casinos by exploiting vulnerabilities in vendor-controlled remote access and using legitimate system management tools. Small and tribal casinos have been targeted, with the Silent Ransom Group and Luna Moth carrying out phishing, data theft, and extortion attacks. The FBI advises implementing…
-
Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point
November 8, 2023 at 10:51AM Offensive security, once associated with aggressive tactics like “Hack Back,” has evolved into a mainstream approach for assessing and stress testing corporate defenses. However, relying solely on automation for defense can be costly and ineffective. Offensive security requires a combination of technology and human intelligence to outpace attackers. While AI…
-
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
November 8, 2023 at 08:27AM A set of malicious Python packages, disguised as obfuscation tools, have been discovered on the Python Package Index (PyPI) repository. The packages contain a malware called BlazeStealer, which allows attackers to gain control over compromised systems. The campaign began in January 2023 and includes eight packages. The malware can steal…