NEWS

AI/ML

Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware

Laura FrenchNovember 22, 2024

The packages were installed more than 1,700 times each prior to their removal from the repository.

2K Palo Alto un-pachted firewalls hacked despite warnings

Patch/Configuration Management

2K Palo Alto un-patched firewalls hacked despite warnings

Steve ZurierNovember 22, 2024

Shadowserver reports 2,000 firewalls were hacked just two days after CISA put the two PAN-OS bugs on the KEV catalog.

AI/ML

Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities

Laura FrenchNovember 21, 2024

LLM capabilities boosted OSS-Fuzz’s coverage and helped find a 20-year-old flaw in OpenSSL.

Double exposure of hacker working with laptop and flag of North Korea. Threat of cyber attack

Network Security

North Korean IT worker scam linked to Chinese front companies

Steve ZurierNovember 21, 2024

SentinelLabs reveals information on four previously unreported Chinese front companies taken down by the U.S. government Oct. 10.

Vulnerability Management

Ubuntu affected by 10-year-old flaws in needrestart package

Laura FrenchNovember 20, 2024

The five vulnerabilities could lead to local privilege escalation without user interaction.

Close up of female hands typing on laptop keyboard, working at home, sunset in background

Ransomware

Russian women stepping up for cybercrime outfits

Shaun NicholsNovember 20, 2024

Women are increasingly taking on top roles within Russian-speaking threat actor groups.

Cyber war attack on world globe, global computing security, protection from hacking

Data Security

FBI and CISA warn of continued cyberattacks on US telecoms

Steve ZurierNovember 20, 2024

China’s campaign against U.S. telecoms has been ongoing for years.

An "Emergency" Sign in front of a hospital in the early evening

Identity

Semperis HIP conference tries to diagnose healthcare cybersecurity

Paul WagenseilNovember 19, 2024

Identity protection in healthcare was a dominant theme at last week’s Semperis HIP conference, with many participants offering guidance on how to improve medical cybersecurity.

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, participates in a Women’s History Month discussion on March 22, 2022, in Washington. (Benjamin Applebaum/DHS)

Critical Infrastructure Security

CISA Dir. Jen Easterly to step down Jan. 20: Security community reacts

Laura FrenchNovember 19, 2024

Easterly has led the agency since July 2021 and was instrumental in driving the Secure by Design initiative.

Ransomware

Helldown ransomware evolves to target VMware systems via Linux

Steve ZurierNovember 19, 2024

Security pros say Helldown aims for maximum impact by targeting VMware systems.

NEWS

Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware

2K Palo Alto un-patched firewalls hacked despite warnings

Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities

North Korean IT worker scam linked to Chinese front companies

Ubuntu affected by 10-year-old flaws in needrestart package

Russian women stepping up for cybercrime outfits

FBI and CISA warn of continued cyberattacks on US telecoms

Semperis HIP conference tries to diagnose healthcare cybersecurity

CISA Dir. Jen Easterly to step down Jan. 20: Security community reacts

Helldown ransomware evolves to target VMware systems via Linux

Upcoming Webcasts

How Will NIST Standardized PQCs Impact Your Environment? Know Before You Go

Rooting Out Overlooked Risks in the Data and AI Supply Chain: Introducing a New Approach

Don’t Let Your Cloud Security Blind Spot Expose You to Disaster

Break Free from Legacy VDI: Elevate Security and Performance with Menlo Security & Google Cloud

From Zero-Day to 360-Degree Protection: How to Accelerate Attack Response for Stronger Third-Party Risk Management

Perspectives

Five ways to manage NHIs

Here’s what to know about Google Cloud mandating MFA by end of 2025

How to incentivize – not just mandate – MFA

Cybersecurity News Articles | SC Media

NEWS

Fake ChatGPT, Claude PyPI packages spread JarkaStealer malware

2K Palo Alto un-patched firewalls hacked despite warnings

Google’s AI-powered fuzzing tool discovers 26 new vulnerabilities

North Korean IT worker scam linked to Chinese front companies

Ubuntu affected by 10-year-old flaws in needrestart package

Russian women stepping up for cybercrime outfits

FBI and CISA warn of continued cyberattacks on US telecoms

Semperis HIP conference tries to diagnose healthcare cybersecurity

CISA Dir. Jen Easterly to step down Jan. 20: Security community reacts

Helldown ransomware evolves to target VMware systems via Linux

Upcoming Webcasts

How Will NIST Standardized PQCs Impact Your Environment? Know Before You Go

Rooting Out Overlooked Risks in the Data and AI Supply Chain: Introducing a New Approach

Don’t Let Your Cloud Security Blind Spot Expose You to Disaster

Break Free from Legacy VDI: Elevate Security and Performance with Menlo Security & Google Cloud

From Zero-Day to 360-Degree Protection: How to Accelerate Attack Response for Stronger Third-Party Risk Management

Perspectives

Five ways to manage NHIs

Here’s what to know about Google Cloud mandating MFA by end of 2025

How to incentivize – not just mandate – MFA