Serious Adversaries Circle Ivanti CSA Zero-Day Flaws
Suspected nation-state actors are spotted stringing together three different zero-days in the Ivanti Cloud Services Application to gain persistent access…
AI Hype Drives Demand For ML SecOps Skills
Companies are putting "AI" in just about all of their products, which opens up new security holes. LLM SecOps and…
SOC Teams: Threat Detection Tools Are Stifling Us
Threat detection tools yield too many false positives, security pros say, leading to burnout and resentment.
Critical Mozilla Firefox Zero-Day Allows Code Execution
The bug is already being exploited in the wild, but Firefox has provided patches for those who may be vulnerable.
AI-Powered Cybercrime Cartels on the Rise in Asia
All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.
GorillaBot Goes Ape With 300K Cyberattacks Worldwide
Among those affected by all this monkeying around with DDoS in September were some 4,000 organizations in the US.
MITRE Launches AI Incident Sharing Initiative
The collaboration with industry partners will improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI…
iPhone ‘VoiceOver’ Feature Could Read Passwords Aloud
CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and…
Insider Threat Damage Balloons as Visibility Gaps Widen
A growing number of organizations are taking longer to get back on their feet after an attack, and they're paying…
Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard
The successful disruption of notorious Russian hacker group Star Blizzard's operations arrives one month out from the US presidential election…