February 14, 2024 at 05:26PM Major world powers are increasingly utilizing large language models to bolster their offensive cyber capabilities, marking a shift from theory to practical application in this field. From the meeting notes, it is clear that the world’s major powers are actively utilizing large language models to bolster their offensive cyber operations. … Read more
February 14, 2024 at 02:51PM Foreign government-backed hacking teams are leveraging OpenAI’s ChatGPT for malicious activities, including vulnerability research, target reconnaissance, and malware creation. Microsoft and OpenAI collaborated to study the use of large language models (LLMs) by these actors and found multiple known APTs experimenting with ChatGPT for malicious purposes. Microsoft took measures to … Read more
February 13, 2024 at 02:08PM The document details a list of vulnerabilities, including CVE IDs, titles, and severity ratings for various Microsoft products and services, such as .NET, Azure Active Directory, Azure DevOps, Microsoft Edge, and others. It also covers Windows-related vulnerabilities in areas like Hyper-V, Internet Connection Sharing, Kernel, LDAP, and Message Queuing. Based … Read more
February 7, 2024 at 04:18PM Flare, a leading CTEM provider, has released a report analyzing the threat landscape and risks to NATO countries posed by initial access brokers (IABs) on Russian hacking forums. The report identified recent IAB activity in 21 out of 31 NATO countries, focusing on targeting critical infrastructure sectors and the US … Read more
February 5, 2024 at 05:43PM The Palo Alto Networks Unit 42 team uncovered a new variation of the sneaky banking Trojan, Mispadu Stealer, targeting Mexico. This infostealer exploits the Windows SmartScreen bypass vulnerability CVE-2023-36025. With Mispadu continuously evolving, the researchers advise a comprehensive cybersecurity approach, emphasizing staying informed on threat intelligence, robust endpoint protection, and … Read more
February 4, 2024 at 12:19PM Cloudzy enhances cybersecurity through a collaboration with Recorded Future, introducing comprehensive threat intelligence and refining its threat detection system, CloudzPatrol. The company prioritizes ethical enforcement, updating its acceptable use policy, and emphasizes maintaining a secure and resilient platform. Cloudzy aims to deliver a secure, innovative, and personalized cloud experience while … Read more
January 31, 2024 at 07:42AM The Shadowserver Foundation has identified 45,000 exposed Jenkins instances with a critical vulnerability, potentially being exploited in the wild. Unauthenticated attackers can access limited data from files, while authenticated attackers may obtain full file contents, including sensitive Jenkins secrets. Researchers reported in-the-wild exploitation prior to the public release of the … Read more
January 30, 2024 at 10:26AM The UAE public sector handles 50,000 daily cyberattack attempts, including port scanning, phishing emails, DDoS, and ransomware. Ministries collaborate with the private sector to bolster resilience. Private sector faces double or triple the threats, with the financial sector most vulnerable. Annual cyber incidents in UAE businesses have risen, prompting the … Read more
January 29, 2024 at 06:39AM Bastille Networks, a wireless threat intelligence firm, has secured $44 million in a Series C funding round, with the total raised now exceeding $80 million. Led by Goldman Sachs, the round includes funding from existing investor Bessemer Venture Partners. The San Francisco-based company helps organizations identify and secure wireless devices … Read more
January 26, 2024 at 01:21AM Microsoft has reported that Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 are now targeting other organizations. The group, known as APT29 or BlueBravo, primarily targets governments, diplomatic entities, and IT service providers in the U.S. and Europe. They utilize legitimate but … Read more