Ollama AI Framework Security Breach
In a detailed report released last week, Avi Lumelsky, a researcher from Oligo Security, shed light on six critical vulnerabilities within the Ollama AI framework. These security flaws could be used by attackers to launch various types of malicious activities, such as denial-of-service (DoS)…
0 Comments6 Minutes
Apple Opens Private Cloud Compute for Security Research
In June, Apple unveiled its Private Cloud Compute (PCC), promoting it as the "most advanced security system ever built for cloud AI computing on a large scale." This innovation allows the processing of demanding AI tasks in the cloud while maintaining user privacy. Now, Apple has made the PCC…
0 Comments3 Minutes
Gophish Toolkit Delivers Remote Access Trojans
A new phishing campaign has emerged, primarily targeting Russian-speaking consumers. The attackers are leveraging Gophish, an open-source toolkit, to distribute DarkCrystal RAT (DCRat) and a new remote access trojan called PowerRAT. You might be interested in: 7 Data Breach Disasters – Lessons for…
0 Comments4 Minutes
Chinese Hackers APT41 Attack Gambling Companies
Chinese state-backed hacking group APT41, also known as Brass Typhoon, Earth Baku, Wicked Panda, or Winnti, carried out a sophisticated cyber attack targeting the gambling and gaming sector. According to Ido Naor, co-founder and CEO of Security Joes, the hackers managed to infiltrate a company’s…
0 Comments4 Minutes
North Korean IT Workers Extort Western Firms
North Korean IT Workers, who have been known to secure jobs in Western companies under false identities, are stepping up their tactics. Previously focused on stealing intellectual property, they are now extorting their employers by demanding ransoms to prevent the release of stolen data. This new…
0 Comments5 Minutes
Cicada3301 Ransomware: Inside the Affiliate Scheme
Cybersecurity experts have recently accessed the affiliate panel of Cicada3301, a new ransomware-as-a-service (RaaS) operation. This access has allowed them to gain more information about the platform, which is still in its early development phase. You might be interested in: 7 Data Breach…
0 Comments4 Minutes
Hackers Exploit EDRSilencer to Evade Security
Trend Micro has identified that cyber attackers are attempting to use the open-source tool EDRSilencer in their operations. They're repurposing it to avoid being spotted by security systems. You might be interested in: 7 Data Breach Disasters – Lessons for Cybersecurity Awareness Month What is…
0 Comments3 Minutes
Malware Campaign Deploys DarkVision RAT via PureCrypter
Cybersecurity researchers have recently identified a new malware campaign that is actively spreading a remote access trojan (RAT) known as DarkVision RAT. The malicious actors behind this campaign are utilizing a malware loader called PureCrypter to deliver the RAT to unsuspecting victims. This…
0 Comments9 Minutes
7 Data Breach Disasters – Lessons for Cybersecurity Awareness Month
Celebrating Cybersecurity Awareness Month! Hi everyone, I’m Dan Duran, and since it’s Cybersecurity Awareness Month, I want to shine a light on some of the biggest hacks in history. These stories not only reveal how vulnerable we can be but also teach essential security concepts every developer and…
0 Comments6 Minutes
Fortinet Flaw Triggers CISA Alert, Patches from Cisco, Palo Alto
On Wednesday, the United States Cybersecurity and Infrastructure Security Agency (CISA) flagged a major security vulnerability affecting Fortinet devices by adding it to the Known Exploited Vulnerabilities (KEV) database. This action was taken due to confirmed instances of the vulnerability being…
0 Comments5 Minutes