Microsoft Offers Up to $15,000 in New AI Bug Bounty Program

October 13, 2023 at 06:18AM Microsoft has launched a bug bounty program specifically focused on vulnerabilities in its artificial intelligence (AI)-powered Bing search engine. The program offers rewards of up to $15,000 for vulnerabilities found in bing.com and associated applications. Microsoft is particularly interested in vulnerabilities related to inference manipulation, model manipulation, and inferential information … Read more

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

October 13, 2023 at 03:59AM Void Rabisu, a threat actor associated with financially motivated ransomware attacks, has shifted its focus to targeted campaigns on Ukraine and countries supporting Ukraine. They have developed a new variant called ROMCOM, which they used in campaigns targeting EU military personnel and political leaders working on gender equality initiatives. The … Read more

DarkGate Opens Organizations for Attack via Skype, Teams

October 13, 2023 at 03:24AM The DarkGate malware is being distributed through messaging platforms like Skype and Teams. Once installed, additional malicious payloads are introduced. The campaign has been most active in the Americas, followed by Asia, the Middle East, and Africa. DarkGate is a commodity loader that executes various actions, including remote access, cryptocurrency … Read more

Squid games: 35 security holes still unpatched in proxy after 2 years, now public

October 12, 2023 at 08:26PM 35 vulnerabilities in the Squid caching proxy remain unfixed after more than two years, according to the person who reported them. The researcher found 55 flaws in Squid’s source code, but only 20 have been fixed. The remaining vulnerabilities do not have patches or workarounds, and some have not been … Read more