AI/MLGoogle’s AI-powered fuzzing tool discovers 26 new vulnerabilitiesLaura FrenchNovember 21, 2024LLM capabilities boosted OSS-Fuzz’s coverage and helped find a 20-year-old flaw in OpenSSL.
Network SecurityNorth Korean IT worker scam linked to Chinese front companiesSteve ZurierNovember 21, 2024SentinelLabs reveals information on four previously unreported Chinese front companies taken down by the U.S. government Oct. 10.
Vulnerability ManagementUbuntu affected by 10-year-old flaws in needrestart packageLaura FrenchNovember 20, 2024The five vulnerabilities could lead to local privilege escalation without user interaction.
RansomwareRussian women stepping up for cybercrime outfitsShaun NicholsNovember 20, 2024Women are increasingly taking on top roles within Russian-speaking threat actor groups.
Data SecurityFBI and CISA warn of continued cyberattacks on US telecomsSteve ZurierNovember 20, 2024China’s campaign against U.S. telecoms has been ongoing for years.
IdentitySemperis HIP conference tries to diagnose healthcare cybersecurityPaul WagenseilNovember 19, 2024Identity protection in healthcare was a dominant theme at last week’s Semperis HIP conference, with many participants offering guidance on how to improve medical cybersecurity.
Critical Infrastructure SecurityCISA Dir. Jen Easterly to step down Jan. 20: Security community reactsLaura FrenchNovember 19, 2024Easterly has led the agency since July 2021 and was instrumental in driving the Secure by Design initiative.
RansomwareHelldown ransomware evolves to target VMware systems via LinuxSteve ZurierNovember 19, 2024Security pros say Helldown aims for maximum impact by targeting VMware systems.
Cybersecurity daily newsRed red team team: Threat actors hire pentesters to test out ransomware effectivenessShaun NicholsNovember 19, 2024Threat actors are hiring freelance pentesters to improve the effectiveness of their ransomware attacks
RansomwareUpstart SafePay ransomware group uses LockBit builder, claims 22 victimsLaura FrenchNovember 18, 2024Huntress researchers describe two SafePay ransomware incidents resulting in file encryption and exfiltration.