AI/MLNew LLM jailbreak uses models’ evaluation skills against themLaura FrenchJanuary 3, 2025The “Bad Likert Judge” method asks the LLM to evaluate a prompt’s harmfulness, then provide a harmful example.
IdentityMicrosoft pushes identity management feature for Azure via EntraShaun NicholsJanuary 3, 2025The Federated Identity Credentials system is designed to minimize the number of times a user will have to hand over their secure credential information.
MalwareFireScam malware poses as Telegram app to steal sensitive Android dataSteve ZurierJanuary 3, 2025While the app gets distributed via a GitHub phishing site, all Android users worldwide are at risk.
Application securityApple to settle claims Siri collected user data without permissionShaun NicholsJanuary 2, 2025Tech giant will be paying out a $95 million settlement over claims it exposed user data.
AI/MLGenAI cybersecurity ROI outlook shared by business leadersLaura FrenchJanuary 2, 2025Surveyed COOs reported savings of up to 7.7% of annual revenue due to GenAI use.
DevOpsNPM package poses as legit Ethereum smart contract, injects Quasar RATSteve ZurierJanuary 2, 2025Quasar RAT has circulated in cybercrime and APT campaigns since July 2014.
IdentityUS Treasury hacked by state-sponsored Chinese APT groupSteve ZurierDecember 31, 2024Government says hackers compromised a BeyondTrust API key to then access Treasury workstations and steal unclassified documents.
IdentityChrome extensions compromised in Christmas Day supply chain attackSteve ZurierDecember 30, 2024Stolen Cyberhaven employee credentials used to steal access tokens and business data from users of Facebook ads.
Network SecurityPalo Alto Networks patches DoS bug in PAN-OS softwareSteve ZurierDecember 27, 2024DoS flaw actively exploited in production. Security pros warn teams to patch right away.
Governance, Risk and ComplianceData disclosures shaped compliance landscape in 2024Shaun NicholsDecember 26, 2024Organizations faced a number of changes to reach and maintain government compliance in 2024.
