October 24, 2024 at 02:09AM The “Prometei” botnet, active since 2016, targets outdated software vulnerabilities globally, infecting over 10,000 computers. Its primary goal is cryptojacking, particularly of Monero cryptocurrency, while also enabling further malicious activities. Notably, it avoids Russian targets, reflecting a deliberate safeguarding of Russian-language accounts and systems. ### Meeting Takeaways on Prometei Botnet … Read more
September 17, 2024 at 05:31PM A zero-click exploit chain in macOS undermines security protections, compromising iCloud data. It starts with a lack of file sanitization in Calendar events, leading to remote code execution and access to sensitive data. Attackers can exploit vulnerabilities to bypass security controls like Gatekeeper and TCC. Apple has since acknowledged and … Read more
June 13, 2024 at 08:26AM Nvidia issued 10 security alerts revealing vulnerabilities in its GPU drivers and virtualization software, which if exploited, could lead to data theft and program control. Security patches were released for the affected software. The vulnerabilities are of concern due to the increasing use of Nvidia GPUs in AI and data … Read more
May 22, 2024 at 06:30AM Customer chatbots based on gen-AI engines are growing, easy to develop but challenging to secure. Recent incidents expose vulnerabilities, with one chatbot being manipulated into unconventional behavior. A study by Immersive Labs further reveals the susceptibility of chatbots to prompt engineering, raising concerns about the adequacy of existing guardrails and … Read more