What scared him most was what some said about the government’s role in AI, and what he described as a young staff who were “out for blood. ” © 2024 TechCrunch. All rights reserved. For personal use only.
Month: December 2024
Global Security News, Security
390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. […]
AI, AI chatbots, generative ai, Global IT News, Global Security News, hiring, Klarna, TC
Klarna’s CEO says it stopped hiring thanks to AI but still advertises many open positions
Klarna CEO Sebastian Siemiatkowski recently told Bloomberg TV that his company essentially stopped hiring a year ago and credited generative AI for enabling this massive workforce reduction. However, despite Siemiatkowski’s bullishness on AI, the company is not relying entirely on AI to replace human workers who leave, as open job listings — for more humans…
AI, generative ai, Global IT News, Global Security News, reasoning, reasoning models, Research
‘Reasoning’ AI models have become a trend, for better or worse
Call it a reasoning renaissance. In the wake of the release of OpenAI’s o1, a so-called reasoning model, there’s been an explosion of reasoning models from rival AI labs. In early November, DeepSeek, an AI research company funded by quantitative traders, launched a preview of its first reasoning algorithm, DeepSeek-R1. That same month, Alibaba’s Qwen…
Global Security News
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and their command-and-control (C2) servers by sinkholing the…
Global Security News
Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. “The target of the threat actors were Thailand officials based on the nature of the lures,” Nikhil Hegde, senior engineer for Netskope’s Security Efficacy team, told The Hacker…
AI, generative ai, Global IT News, Global Security News, Grok, grok-2, Social, X, xAI
X gains a faster Grok model and a new ‘Grok button’
XAI, Elon Musk’s AI company, may be embroiled in an escalating lawsuit with OpenAI. But that’s not stopping it from shipping new products — on a Friday night, no less. This evening, xAI revealed that it has begun to roll out an upgraded version of its flagship Grok 2 chatbot model to all users on…
Global Security News
Michael Dell Spent 40 Years Preparing for an AI Boom No One Expected
The man who founded Dell in a Texas dorm room has transformed his company. It’s not just about PCs anymore.
Global Security News
There Are Mystery Drones Flying Over My House. I Tried to Track Them Down.
Authorities say unexplained aircraft over New Jersey is no cause for concern. My neighbors, however, are concerned.
AGI, AI, generative ai, Global IT News, Global Security News, Ilya Sutskever, In Brief, openai, safe superintelligence, ssi, superintelligence
OpenAI co-founder Ilya Sutskever believes superintelligent AI will be ‘unpredictable’
OpenAI co-founder Ilya Sutskever spoke on a range of topics at NeurIPS, the annual AI conference, Friday afternoon before accepting an award for his contributions to the field. Sutskever gave his predictions for “superintelligent” AI, AI more capable than humans at many tasks, which he believes will be achieved at some point. Superintelligent AI will…
Global Security News, Security Bloggers Network
2024 Year in Review: Features and Improvements in Pure Signal™ Scout
Team Cymru is excited to share our accomplishments in delivering new features and improvements in Pure Signal™ Scout. Thank you to our… The post 2024 Year in Review: Features and Improvements in Pure Signal™ Scout appeared first on Security Boulevard.
AI, Global IT News, Global Security News, openai, TC
OpenAI whistleblower found dead in San Francisco apartment
A former OpenAI employee, Suchir Balaji, was recently found dead in his San Francisco apartment, according to the San Francisco Office of the Chief Medical Examiner. In October, the 26-year-old AI researcher raised concerns about OpenAI breaking copyright law when he was interviewed by The New York Times. “The Office of the Chief Medical Examiner…
AI, content moderation, Global IT News, Global Security News, Pavel Durov, social media, TC, Telegram
AI helps Telegram remove 15 million suspect groups and channels in 2024
Telegram launched a new page touting its moderation efforts, which have spiked since its founder’s arrest. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Security
Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. […]
APAC, Australia, china threat actor, Cloud, cyber security, Global Security News, Salt Typhoon, salt typhoon australia, Security
Australian IT Pros Urged to Guard Against Chinese Cybersecurity Threats
Australian IT pros are urged to strengthen defenses as Chinese cyber threats target critical infrastructure and sensitive data.
Crypto, Exclusive, fbi, feuds, Founders Fund, Global IT News, Global Security News, Kalshi, Polymarket, presidential election, social media, Startups, Venture
Kalshi CEO admits enlisting influencers to dis Polymarket in a now-deleted podcast segment
Kalshi’s CEO, Tarek Mansour, confirmed on a podcast interview that his employees did ask social media influencers to promote memes about the FBI’s raid on the home of his arch rival, the CEO of Polymarket. Both of these companies offer competing events-betting markets, a new kind of betting industry where people wager about the outcomes…
Global Security News
Zerto Introduces Cloud Vault Solution for Enhanced Cyber Resilience Through MSPs
Global Security News
Versa Introduces Integrated Endpoint Data Loss Prevention in SASE Solution
Global Security News, Security
Citrix shares mitigations for ongoing Netscaler password spray attacks
Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. […]
Global Security News
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.
Climate, climate tech, Exclusive, g2 venture partners, Global IT News, Global Security News, scoop, Venture, venture capital
G2 Ventures Partners is raising $750 million for a third fund
The raise is a bullish vote of confidence in climate and sustainability startups. © 2024 TechCrunch. All rights reserved. For personal use only.
Climate, climate tech, Exclusive, g2 venture partners, Global IT News, Global Security News, scoop, Venture, venture capital
G2 Ventures Partners is raising $750 million for a third fund
The raise is a bullish vote of confidence in climate and sustainability startups. © 2024 TechCrunch. All rights reserved. For personal use only.
Climate, climate tech, Exclusive, g2 venture partners, Global IT News, Global Security News, scoop, Venture, venture capital
G2 Ventures Partners is raising $750 million for a third fund
The raise is a bullish vote of confidence in climate and sustainability startups. © 2024 TechCrunch. All rights reserved. For personal use only.
Blog, Global Security News, Security Bloggers Network
Unauthenticated Webpages: Hidden HIPAA Risks on Public-Facing Websites
When we think about HIPAA compliance and websites, the focus often shifts to patient portals, online scheduling systems, and other secure areas requiring user authentication. However, it’s crucial to recognize that even unauthenticated webpages, those accessible to the public without logging in, can present hidden HIPAA risks. Let’s explore these often-overlooked vulnerabilities and discuss how…
Global Security News
With ‘TPUXtract,’ Attackers Can Steal Orgs’ AI Models
A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.
Exploits, Global Security News, Security
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. […]
Global Security News
Test Your Cyber Skills With the SANS Holiday Hack Challenge
Open to players of all skill levels, the “Snow-mageddon” cybersecurity competition is set in the world of Santa, elves, and Christmas mayhem.
Enterprise, Fundraising, Global IT News, Global Security News
Databricks is on track to raise a record $9.5+ billion round at $60B valuation
Databricks is close to finalizing a $9.5 billion round at a $60 billion valuation, including a secondary sale for employees that could climb even higher before it closes, Reuters reports. Just 17 days ago, Reuters reported that the deal was at $8 billion and a $55 billion valuation. Thrive Capital is leading the deal with…
AI, Artificial Intelligence (AI), carbon capture and storage, CCS, Climate, data centers, Enterprise, exxon, exxonmobil, Global IT News, Global Security News, power plant
Exxon can’t resist the AI power gold rush
The oil and gas company announced that it’s planning to build a massive power plant for data centers. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News
Elon Musk Wanted to Make OpenAI a For-Profit Company He Controlled, Messages Show
The ChatGPT developer released emails and texts in response to Musk’s request for an injunction against its conversion to a for-profit company.
Global Security News, Security Bloggers Network
Why the Recent Telecom Hack Underscores the Need for End-to-End Encryption
The recent massive telecom hack by the Chinese state-sponsored group Salt Typhoon has highlighted critical vulnerabilities in traditional communication systems. The breach targeted major U.S. telecom providers, including Verizon, AT&T, and T-Mobile, compromising sensitive communications of government officials, political entities, and businesses. Attackers accessed call records, unencrypted text messages, and even live call audio by…
Cloud Security, Cybersecurity, cybersecurity professionals, Data Privacy, Data Security, Datadog, Featured, Global Security News, Identity & Access, Information stealing malware, malware, Network Security, News, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Spotlight, Threat Intelligence, vulnerabilities, wordpress
Hacker Uses Info-Stealer Against Security Pros, Other Bad Actors
An unknown hacker called MUT-1244 used information-stealing malware to not only grab sensitive data from cybersecurity professionals but also to steal WordPress credentials from other bad actors who had bought them on the dark web. The post Hacker Uses Info-Stealer Against Security Pros, Other Bad Actors appeared first on Security Boulevard.
AI chatbot, Cybersecurity, Exclusive, Global IT News, Global Security News, Optum, Security, UnitedHealthcare
UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet
Optum’s AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. © 2024 TechCrunch. All rights reserved. For personal use only.
Fundraising, Global IT News, Global Security News, newsletter, Startups, Startups Weekly
What failed before might succeed now — or fail again — and other startup bets
Welcome to Startups Weekly — your weekly recap of everything you can’t miss from the world of startups. Want it in your inbox every Friday? Sign up here. This week in startup news, we have some contrarian bets, funding rounds from all around the world, new VC funds, and a final word of warning. Most…
764, Cybercrime, Cybersecurity, Department of Justice, Global Security News, Sextortion, The Com
Arizona man arrested for alleged involvement in violent online terror networks
Baron Martin, a 20-year-old resident of Tucson, Arizona, was arrested Wednesday on charges of producing child sexual abuse material and cyberstalking. His arrest is connected to his involvement in online terror networks, specifically 764 and CVLT, which are known for violent extremist activities. Martin, also known under the alias “Convict,” is charged with significant involvement…
cybersecurity education, DEF CON 32, DEFCONConference, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Cultivating M4D SK1LLZ In the DEF CON Community
Authors/Presenters: Yan Shoshitaishvili, Perri Adams Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Cultivating M4D SK1LLZ In the DEF CON Community…
Global Security News
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to “mysterious unattributed threat”) by…
Global Security News, Security
FTC warns of online task job scams hooking victims like gambling
The Federal Trade Commission (FTC) warns about a significant rise in gambling-like online job scams, known as “task scams,” that draw people into earning cash through repetitive tasks, with the promises of earning more if they deposit their own money. […]
Global Security News, Security
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. […]
AI, Global IT News, Global Security News, Google, project astra
See what Google’s Project Astra AR glasses can do (for a select few beta testers)
Google has released a prototype of Project Astra’s AR glasses for testing in the real world. The glasses are part of Googles long-term plan to one day have hardware with augmented reality and multimodal AI capabilities. In the meantime, they will be releasing demos to get the attention of consumers, developers, and their competition. Along…
Global Security News
U.S. Prepares New AI Chip Restrictions to Close China’s Backdoor Access
Washington plans rules limiting semiconductor shipments to some countries accused of supplying Beijing.
AI, Global IT News, Global Security News
OpenAI fires back against Musk, claims he wanted an OpenAI for-profit
OpenAI fired back at billionaire Elon Musk on Friday, publishing a series of emails that the company claims show Musk’s lawsuit against it is misleading. Musk’s legal battle with OpenAI, which has been going on for months, at its core accuses the company of abandoning its original nonprofit mission to make the fruits of its…
climate tech, defense tech, Global IT News, Global Security News, LLMs, space technology, Startups, TC
The 51 most disruptive startups of 2024
These startups have fascinating new technologies, business models, founder stories or are pushing an industry forward in exciting ways. © 2024 TechCrunch. All rights reserved. For personal use only.
blue yonder, cyber attack, cyber security, Cybersecurity, E-Commerce, EU, Global Security News, Ransomware, retail, sainsburys, Security, Software, starbucks, supply chain, TR, uk, United Kingdom
Starbucks, Supermarkets Targeted in Ransomware Attack
In December, ransomware group Termite claimed responsibility for the attacks.
advice, Best Practices, Cybersecurity, device protection, Global Security News, Security Bloggers Network, Security Research, zero trust
Addressing BYOD Vulnerabilities in the Workplace
Secure the workplace of today by exploring how to address BYOD vulnerabilities Bring Your Own Device (BYOD) policies have become commonplace in many workplaces. Employees use personal smartphones, tablets, and laptops to access corporate resources, blending work and personal activities on the same device. While BYOD offers several benefits, it also introduces significant cybersecurity vulnerabilities……
article, Global Security News, Security Bloggers Network
The 3 Most Common Misconceptions About Workplace Violence
Learn how to overcome C-suite resistance to investing in workplace violence prevention programs — keeping your business safe and strong Introduction Misconception 1: “Don’t worry, we’ll know it when we see it.” Misconception 2: “We must be doing something right because nothing’s happened yet” Misconception 3: “Incidents of workplace violence start suddenly and are unpredictable.”……
article, Global Security News, Security Bloggers Network
The 3 Most Common Misconceptions About Workplace Violence
Learn how to overcome C-suite resistance to investing in workplace violence prevention programs — keeping your business safe and strong Introduction Misconception 1: “Don’t worry, we’ll know it when we see it.” Misconception 2: “We must be doing something right because nothing’s happened yet” Misconception 3: “Incidents of workplace violence start suddenly and are unpredictable.”……
article, Global Security News, Security Bloggers Network
The 3 Most Common Misconceptions About Workplace Violence
Learn how to overcome C-suite resistance to investing in workplace violence prevention programs — keeping your business safe and strong Introduction Misconception 1: “Don’t worry, we’ll know it when we see it.” Misconception 2: “We must be doing something right because nothing’s happened yet” Misconception 3: “Incidents of workplace violence start suddenly and are unpredictable.”……
Global Security News, IoT & ICS Security, IoT Security, Security Bloggers Network
Breaking the Air Gap Through Hardware Implants
IoT security assessments expose diverse technologies, use cases, and protocols. While wireless components like WiFi and Bluetooth enhance functionality and enable features like OTA updates, they also increase the attack surface. This blog explores the challenges of assessing non-wireless IoT devices and considers the potential of adding wireless capabilities for comprehensive security testing. The post…
advanced technology vehicles manufacturing loan, Climate, Department of Energy, EV batteries, Global IT News, Global Security News, Government & Policy, Rivian, Samsung SDI, Solar Power, starplus energy, Stellantis, sunwealth, Transportation
Biden administration races to approve clean energy loans before Trump takes over — here’s who is benefiting
The Department of Energy (DOE) is on a loan-approval spree in the lead-up to President-elect Donald Trump’s inauguration, and the winners are all companies manufacturing clean energy solutions on U.S. soil. Companies like Stellantis and Samsung, Rivian, and most recently, EVgo. Trump has promised to cancel any unspent federal dollars under President Joe Biden’s Inflation…
Climate, DOE, EV charging, evgo, Global IT News, Global Security News, Government & Policy, inflation reduction act, Transportation
EVgo secures $1.25 billion loan amid Biden’s rush to approve clean energy loans
Electric vehicle charging startup EVgo is the latest company to secure funds from the U.S. Department of Energy as the Biden administration races to approve clean energy loans before Donald Trump takes over. Trump has promised to cancel any unspent funds from Biden’s bipartisan Inflation Reduction Act, including the $7,500 tax credit for new EV…
Global Security News, Security
Russia blocks Viber in latest attempt to censor communications
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. […]
Global Security News, Humor, Randall Munroe, Sarcasm, satire, Security Bloggers Network, XKCD
Randall Munroe’s XKCD ‘The Maritime Approximation’
via the comic humor & dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘The Maritime Approximation’ appeared first on Security Boulevard.
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
Global Security News, Mobile, Security
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. […]
AI, Apps, Global IT News, Global Security News, Google, Google NotebookLM, notebooklm
Google’s NotebookLM now lets you to talk to its AI podcast hosts
A few months ago, Google’s NotebookLM note-taking app debuted an Audio Overviews feature that generates a podcast with AI virtual hosts based on information you have shared with the app. Now, NotebookLM is rolling out the ability for users to interact with the AI podcast hosts. The idea behind Audio Overviews and the AI hosts…
Black Hat, Financial Services Industry, Hacking, Payment Systems, Security Software, Software Providers, Exploits, Global Security News
Researchers expose a surge in hacker interest in SAP systems
A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the end of 2023. The vast majority (87%) of the…
autonomous vehicles, Cruise, EVs, Global IT News, Global Security News, Tesla, Transportation, Trump
The federal crash-reporting rule Tesla opposes could be on the chopping block
The Trump transition team wants to end a federal rule requiring automakers to report crashes when advanced driver-assistance or autonomous driving technology is engaged, Reuters reports. Federal safety agencies would lose the ability to investigate and regulate the safety of vehicles with automated-driving systems should the rule — which went into effect in 2021 —…
AI, ChatGPT, Global IT News, Global Security News, openai, sam altman
OpenAI 2024 event: How to watch new ChatGPT product reveals and demos
OpenAI is in the holiday spirit, it seems. The ChatGPT series of reveals, called “12 Days of OpenAI,” will be streamed live at 10 a.m. PT each weekday through December 23. So far, we’ve seen the launch of ChatGPT Pro, OpenAI’s $200 per month subscription plan, the full version of its “reasoning” o1 model, the…
AI, ChatGPT, Global IT News, Global Security News, openai, sam altman
OpenAI 2024 event: How to watch new ChatGPT product reveals and demos
OpenAI is in the holiday spirit, it seems. The ChatGPT series of reveals, called “12 Days of OpenAI,” will be streamed live at 10 a.m. PT each weekday through December 23. So far, we’ve seen the launch of ChatGPT Pro, OpenAI’s $200 per month subscription plan, the full version of its “reasoning” o1 model, the…
AI, ChatGPT, Global IT News, Global Security News, openai, sam altman
OpenAI 2024 event: How to watch new ChatGPT product reveals and demos
OpenAI is in the holiday spirit, it seems. The ChatGPT series of reveals, called “12 Days of OpenAI,” will be streamed live at 10 a.m. PT each weekday through December 23. So far, we’ve seen the launch of ChatGPT Pro, OpenAI’s $200 per month subscription plan, the full version of its “reasoning” o1 model, the…
Global Security News, Podcasts, Security Bloggers Network
BTS #43 – CVE Turns 25
In this episode, Paul Asadoorian, Alec Summers, and Lisa Olson discuss the 25th anniversary of the CVE program, its evolution, and the importance of transparency in vulnerability management. They explore the history of CVE, the process of creating CVE records, and the role of CNAs in ensuring accountability. The conversation also addresses challenges related to…
Global Security News, Podcasts, Security Bloggers Network
BTS #43 – CVE Turns 25
In this episode, Paul Asadoorian, Alec Summers, and Lisa Olson discuss the 25th anniversary of the CVE program, its evolution, and the importance of transparency in vulnerability management. They explore the history of CVE, the process of creating CVE records, and the role of CNAs in ensuring accountability. The conversation also addresses challenges related to…
Global Security News, Podcasts, Security Bloggers Network
BTS #43 – CVE Turns 25
In this episode, Paul Asadoorian, Alec Summers, and Lisa Olson discuss the 25th anniversary of the CVE program, its evolution, and the importance of transparency in vulnerability management. They explore the history of CVE, the process of creating CVE records, and the role of CNAs in ensuring accountability. The conversation also addresses challenges related to…
Global Security News, Security Bloggers Network, Unmasked Podcast
Podcast Episode 21: Interview with the University of Richmond’s CTF Winning Team
What happens when passion, talent, and opportunity collide in the university’s tech scene? Meet David Nathanson and Daniel Garay, the freshmen duo who took the University of Richmond’s Capture the Flag (CTF) competition by storm. With David bringing his coding journey from Nicaragua and Daniel harnessing his self-taught skills in AI and machine learning, they……
2024, Cybersecurity, Exploits, Global Security News, predictions, review, Security Bloggers Network
Time of Reckoning – Reviewing My 2024 Cybersecurity Predictions
The brutal reality is that cybersecurity predictions are only as valuable as their accuracy. As 2024 comes to a close, I revisit my forecasts to assess their utility in guiding meaningful decisions. Anyone can make predictions (and far too many do), but actually being correct is another matter altogether. It is commonplace for security companies…
AI, amd, Enterprise, Funding, Fundraising, generative ai, Global IT News, Global Security News, In Brief, Liquid AI, liquid neural networks, startup, Startups
Liquid AI just raised $250M to develop a more efficient type of AI model
Liquid AI, an AI startup co-founded by robotics luminary Daniela Rus, has raised $250 million in a Series A led by AMD. Per Bloomberg, the round values Liquid AI at over $2 billion. Liquid AI aims to build general-purpose AI systems powered by a relatively new type of AI model called a liquid neural network. Liquid…
Amazon, Donald Trump, Global IT News, Global Security News, Government & Policy, jeff bezos, openai, sam altman
Sam Altman and Jeff Bezos are the latest billionaires to donate $1M to Trump fund
OpenAI CEO Sam Altman and Jeff Bezos’ Amazon plan to donate $1 million each to President-elect Donald Trump’s inaugural fund, according to reports from Fox and the Wall Street Journal. TechCrunch has confirmed Altman’s plans to personally commit the money, which is not coming directly from OpenAI. The donations from the billionaires follow plans by…
Exploits, Global Security News
Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection
A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, indicating critical severity. Flatt Security researcher RyotaK has been credited with discovering and…
Exploits, Global Security News, Security Bloggers Network, supply chain, Uncategorized
Ultralytics Supply-Chain Attack
Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics —which has almost 60 million downloads—was published to the Python Package Index (PyPI) package repository. The package contained downloader code that was downloading the XMRig…
cybersecurity education, DEF CON 32, DEFCONConference, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103
Authors/Presenters: Michael Gorelik, Arnold Osipov Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 appeared…
cybersecurity education, DEF CON 32, DEFCONConference, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103
Authors/Presenters: Michael Gorelik, Arnold Osipov Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 appeared…
cybersecurity education, DEF CON 32, DEFCONConference, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103
Authors/Presenters: Michael Gorelik, Arnold Osipov Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 appeared…
Global Security News, Security Bloggers Network
Stop pushing bad WAF rules | Impart Security
Ever push a bad WAF rule? It’s the worst. For most WAF users, the number one fear isn’t that the WAF is going to get bypassed. It’s that a bad WAF rule will cause an outage. Impart Security is excited to release the WAF Rule Canary Tests to solve this problem. Designed for cloud security engineers focused on…
Global Security News, Security Bloggers Network
Stop pushing bad WAF rules | Impart Security
Ever push a bad WAF rule? It’s the worst. For most WAF users, the number one fear isn’t that the WAF is going to get bypassed. It’s that a bad WAF rule will cause an outage. Impart Security is excited to release the WAF Rule Canary Tests to solve this problem. Designed for cloud security engineers focused on…
Global Security News, Security Bloggers Network
Stop pushing bad WAF rules | Impart Security
Ever push a bad WAF rule? It’s the worst. For most WAF users, the number one fear isn’t that the WAF is going to get bypassed. It’s that a bad WAF rule will cause an outage. Impart Security is excited to release the WAF Rule Canary Tests to solve this problem. Designed for cloud security engineers focused on…
Global Security News
DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years
The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People’s Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft by illegally seeking employment in U.S. companies and non-profit organizations. “The conspirators, who…
agentspace, AI, Apps, Enterprise, generative ai, Global IT News, Global Security News, Google, google cloud, Media & Entertainment, notebooklm
Google debuts NotebookLM for enterprises
Google’s bringing its viral NotebookLM app to the enterprise via a new service for Google Cloud customers, Agentspace. © 2024 TechCrunch. All rights reserved. For personal use only.
Global Security News, Hardware, Security
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
Global Security News, Hardware, Security
Germany sinkholes BadBox malware pre-loaded on Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
AI, ChatGPT, Enterprise, generative ai, Global IT News, Global Security News, Kubernetes, openai, Outage, postmortem
OpenAI blames its massive ChatGPT outage on a ‘new telemetry service’
OpenAI is blaming one of the longest outages in its history on a “new telemetry service” gone awry. On Wednesday, OpenAI’s AI-powered chatbot platform, ChatGPT; its video generator, Sora; and its developer-facing API experienced major disruptions starting at around 3 p.m. Pacific. OpenAI acknowledged the problem soon after — and began working on a fix.…
Global IT News, Global Security News, Venture
How 21-year-old Koko Xs became the new rising star solo VC
When Koko Xs considered pursuing a career as a VC after he graduated from college last year, he observed a handful of trends that suggested he should do something else. He noticed that it’s hard to land deals and it takes a long time to see returns, given that most VC funds typically take a…
Global Security News
OData Injection Risk in Low-Code/No-Code Environments
As the adoption of LCNC grows, so will the complexity of the threats organizations face.
business, channel, Global IT News, Global Security News, News and Trends, services, US Channel News
WatchGuard CISO on What MSPs Need to Know to Stay Secure in 2025
Security vendor WatchGuard has deep channel connections and years of expertise in network security, endpoint protection, and other specialties. WatchGuard Chief Information Security Officer Corey Nachreiner spoke with Channel Insider to discuss the emerging technology and impending threats MSPs must consider for themselves and their clients as the calendar turns to a new year. Supporting…
Cybersecurity, Global Security News, healthcare it, Healthtech, Ransomware, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Threat Intelligence
Ransomware in the Global Healthcare Industry
Healthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyberattacks with severe consequences. The post Ransomware in the Global Healthcare Industry appeared first on Security Boulevard.
Global Security News
US Offers $5M for Info on North Korean IT Worker Fraud
The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy
cybercriminals, Cybersecurity, Data Security, Europe, Fintech, Global Security News, iam, Identity & Access, identity access manager, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X
Digital Finance: How Do Banks Protect Their Customers’ Money and Data from Cybercriminals?
Cybercriminals are employing increasingly sophisticated methods to access our money and data, making this issue particularly relevant for large European banks, where significant financial assets are concentrated. The post Digital Finance: How Do Banks Protect Their Customers’ Money and Data from Cybercriminals? appeared first on Security Boulevard.
Bluesky, Global IT News, Global Security News, moderation, Social, social media
Bluesky at a crossroads as users petition to ban Jesse Singal over anti-trans views, harassment
Now with 25 million users, Bluesky is facing a test that will determine whether or not its platform will still be seen as a safe space and place of refuge from the toxicity of X. In recent days, a large number of users on Bluesky have been urging the company to ban one newcomer for…
Bluesky, Global IT News, Global Security News, moderation, Social, social media
Bluesky is at a crossroads as users petition to ban newcomer over anti-trans views
Now with 25 million users, Bluesky is facing a test that will determine whether or not its platform will still be seen as a safe space and place of refuge from the toxicity of X. In recent days, a large number of users on Bluesky have been urging the company to ban one newcomer for…
ADR, CISA Vulnrichment, CVE Enrichment, CVSS scores, Cybersecurity Collaboration, cybersecurity funding, Global Security News, NIST CVE Backlog, Runtime Application Security, Security Bloggers Network, Threat Detection and Response, vulnerabilities, Vulnerability Management, zero-day exploits
Cybersecurity Insights with Contrast CISO David Lindner | 12/13/24
Insight No. 1: Stop patching the CVE dumpster fire with Vulnrichment It’s time to integrate the crucial data — Common Vulnerability Scoring System (CVSS) scores and other crucial information — from CISA’s Vulnrichment program directly into the NVD. Centralize, streamline, and then focus on what really matters: runtime analysis of your applications. Insight No. 2: Zero days don’t give…
ADR, CISA Vulnrichment, CVE Enrichment, CVSS scores, Cybersecurity Collaboration, cybersecurity funding, Global Security News, NIST CVE Backlog, Runtime Application Security, Security Bloggers Network, Threat Detection and Response, vulnerabilities, Vulnerability Management, zero-day exploits
Cybersecurity Insights with Contrast CISO David Lindner | 12/13/24
Insight No. 1: Stop patching the CVE dumpster fire with Vulnrichment It’s time to integrate the crucial data — Common Vulnerability Scoring System (CVSS) scores and other crucial information — from CISA’s Vulnrichment program directly into the NVD. Centralize, streamline, and then focus on what really matters: runtime analysis of your applications. Insight No. 2: Zero days don’t give…
ADR, CISA Vulnrichment, CVE Enrichment, CVSS scores, Cybersecurity Collaboration, cybersecurity funding, Global Security News, NIST CVE Backlog, Runtime Application Security, Security Bloggers Network, Threat Detection and Response, vulnerabilities, Vulnerability Management, zero-day exploits
Cybersecurity Insights with Contrast CISO David Lindner | 12/13/24
Insight No. 1: Stop patching the CVE dumpster fire with Vulnrichment It’s time to integrate the crucial data — Common Vulnerability Scoring System (CVSS) scores and other crucial information — from CISA’s Vulnrichment program directly into the NVD. Centralize, streamline, and then focus on what really matters: runtime analysis of your applications. Insight No. 2: Zero days don’t give…
Global Security News
2024 Sees Sharp Increase in Microsoft Tool Exploits
Sophos found observed a significant rise in Microsoft LOLbins abused by attackers in H1 2024 compared to 2023
eu csam microtargeting, eu csam microtargeting epds decision, Europe, Global Security News, Government & Policy, noyb eu csam microtargeting complaint, privacy, Social
Controversial EU ad campaign on X broke bloc’s own privacy rules
The European Union’s executive body is facing an embarrassing privacy scandal after it was confirmed on Friday that a Commission ad campaign on X (formerly Twitter) breached the EU’s own data protection rules. The finding, by the EU’s oversight body the European Data Protection Supervisor (EDPS), relates to a microtargeted ad campaign that the Commission…
accelerators, activate, Climate, Exclusive, Global IT News, Global Security News, Startups, The Engine
Activate and The Engine Accelerator team up to train scientists to become founders
Two prominent programs, Activate and The Engine Accelerator, have decided they can give founders an advantage if they team up. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News, Security Bloggers Network
API Security is Not a Problem You Can Solve at the Edge
In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…
Exploits, Global Security News, Security Bloggers Network
API Security is Not a Problem You Can Solve at the Edge
In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…
Exploits, Global Security News, Security Bloggers Network
API Security is Not a Problem You Can Solve at the Edge
In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…
Global Security News
Akira and RansomHub Surge as Ransomware Claims Reach All-Time High
Claims on ransomware groups’ data leak sites reached an all-time high in November, with 632 reported victims, according to Corvus Insurance
business, channel, Global IT News, Global Security News, Managed Services, services
How to Create Microsoft Copilot Use Cases for Clients
Organizations of all sizes are continuously looking to AI and machine learning to automate processes and enhance efficiency. The big players in the AI space are creating all-encompassing AI tools to meet the needs of enterprises and create value for their customers. One of those tools is Microsoft’s Copilot solution, which can be used for…