Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets
WP Automatic plugin patched, but release notes don't mention the critical fix.
26-04-2024 19:07
APIContext’s Global Cloud API Performance Report Show A Decline In Cloud API Availability
APIContext has unveiled its 2024 Cloud Service Provider API Report, offering an in-depth examination of the performance of leading cloud service providers in the essential API domain. This annual global analysis scrutinised data stemming from 650 million
26-04-2024 12:54
Cato Networks to Showcase New Security Evasion Tactics at RSA Conference 2024
Cato Networks, the SASE leader, today announced that Cato CTRL, the SASE leader’s cyber threat intelligence (CTI) research team, will demonstrate threat actors’ latest tactics designed to capitalise on organisations’ complex security architectures during
26-04-2024 10:36
Apple releases eight small AI language models aimed at on-device use
OpenELM mirrors efforts by Microsoft to make useful small AI language models that run locally.
25-04-2024 20:55
Millions of IPs remain infected by USB worm years after its creators left it for dead
Ability of PlugX worm to live on presents a vexing dilemma: Delete it or leave it be.
25-04-2024 18:49
School athletic director arrested for framing principal using AI voice synthesis
Police uncover plot to defame principal with AI-generated racist and antisemitic comments.
25-04-2024 15:30
Salt Security Enhances API Security Platform with OAuth Protection Package
Salt Security have announced the release of its new multi-layered OAuth protection package to detect attempts to exploit OAuth and proactively fix vulnerabilities. Salt is enhancing its API protection platform with a comprehensive suite of new OAuth thre
25-04-2024 15:27
Female Tech Duo take Flight to Dubai to Launch the future of Cyber Leadership
Two formidable female tech leaders have joined forces to launch an innovative new leadership development and mentoring platform for the cyber community – Leading Cyber. Danielle Phillips, Founder and Managing Director of Durham based Inside Out, a
25-04-2024 13:29
Interview: Cydea’s Risk Management Platform, Understanding Not Eliminating Risk
Last week, the IT Security Guru team attended Cydea’s Risk Management Platform launch in London. After the event, Robin Oldham, CEO and Founder of Cydea, sat down with the Gurus to answer some questions about risk management and why it’s crit
25-04-2024 13:16
AI-driven cyber attacks to be the norm within a year, say security leaders
Netacea, the bot detection and response specialist, today announced new research into the threat of AI-driven cyberattacks. It finds that most businesses see “offensive AI” fast becoming a standard tool for cybercriminals, with 93% of security leaders ex
25-04-2024 11:58
Coalition Finds More Than Half of Cyber Insurance Claims Originate in the Email Inbox
Coalition, the world’s first Active Insurance provider designed to prevent digital risk before it strikes, today published its 2024 Cyber Claims Report, which details emerging cyber trends and their impact on Coalition policyholders throughout 2023
25-04-2024 11:48
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
24-04-2024 20:55
Deepfakes in the courtroom: US judicial panel debates new AI evidence rules
Panel of eight judges confronts deep-faking AI tech that may undermine legal trials.
24-04-2024 20:14
Expert Insight: ‘Minding the Gap’: How can we work to make cyber accessible for women?
According to the Department for Science, Innovation and Technology (DSIT), only 17% of the UK cyber sector workforce is female, and this is down from 22% in 2022. To make matters worse, we’re fighting a losing battle against an ever-increasing cyber skil
24-04-2024 15:10
KnowBe4 acquires UK’s Egress to create advanced AI-driven platform to manage human risk
KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, today announced it has entered into a definitive agreement to acquire Egress, a leader in adaptive and integrated cloud email security. Egress’ Inte
24-04-2024 12:36
Google’s Core Update is ‘Biggest’ Algorithm Update in History
Search giant Google is currently undergoing one of its biggest algorithm updates in its history, sources are told. The online search platform which manages more than 8 billion searches per day is doing a significant update to its internal systems which w
24-04-2024 09:28
Hackers infect users of antivirus service that delivered updates over HTTP
eScan AV updates were delivered over HTTP for five years.
23-04-2024 21:03
Microsoft’s Phi-3 shows the surprising power of small, locally run AI language models
Microsoft’s 3.8B parameter Phi-3 may rival GPT-3.5, signaling a new era of “small language models."
23-04-2024 20:47
Expert Insight: Outdated Recruitment Methods Are Impeding The Global Cyber Army
Cybersecurity is ‘inclusive’ by nature: no one is exempt from the fallout of the expanding cyber threat landscape. The notion, therefore, that some groups of individuals are offered fewer opportunities to join the cyber industry than others is frankly ab
23-04-2024 15:09
Mandiant’s M-Trends Report Reveals New Insights from Frontline Cyber Investigations
Mandiant, part of Google Cloud, today released the findings of its M-Trends 2024 report. Now in its 15th year, this annual report provides expert trend analysis based on Mandiant frontline cyber attack investigations and remediations conducted in 2023. T
23-04-2024 13:59
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.
22-04-2024 20:36
#MIWIC2024: Melissa Chambers, CEO and Co-Founder of Sitehop
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
22-04-2024 16:00
ACDS Launches Revolutionary OBSERVATORY Solution: Redefining Attack Surface Management
Advanced Cyber Defence Systems (ACDS) has unveiled its groundbreaking Attack Surface Management (ASM) solution: OBSERVATORY. Engineered with a comprehensive three-pronged approach—Discovery, Validation, and Insight—OBSERVATORY offers an unparalleled leve
22-04-2024 10:04
Microsoft’s VASA-1 can deepfake a person with one photo and one audio track
YouTube videos of 6K celebrities helped train AI model to animate photos in real time.
19-04-2024 13:07
UK’s Cydea introduces new way to quantify risk management
Cydea, the cyber risk management provider, has announced the Cydea Risk Platform, set to quantify threats in financial terms to businesses, allowing them to visualise the consequences of different business security-related scenarios. By giving a monetary
19-04-2024 10:50
LLMs keep leaping with Llama 3, Meta’s newest open-weights AI model
Zuckerberg says new AI model "was still learning" when Meta stopped training.
18-04-2024 21:04
LastPass users targeted in phishing attacks good enough to trick even the savvy
Campaign used email, SMS, and voice calls to trick targets into divulging master passwords.
18-04-2024 18:42
Report Reveals Healthcare Industry is Disillusioned in its Preparedness for Cyberattacks
Kroll, the leading independent provider of global risk and financial advisory solutions, has released the State of Cyber Defense: Diagnosing Cyber Threats in Healthcare report, exposing the healthcare industry’s disillusionment in terms of its cyber matu
18-04-2024 13:04
Goldilock Partners with organisation behind NATO’s largest cyber defence exercise
Goldilock, the British cybersecurity startup behind a unique physical network isolation solution, has partnered with CR14, a cyber defence organisation established by the Estonian ministry of defence and host of NATO’s operative Cyber Defence Centre of E
18-04-2024 12:54
Police apprehend global cyber gang implicated in large-scale fraud
The Met Police, a long with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individ
18-04-2024 12:19
OpenAI winds down AI image generator that blew minds and forged friendships in 2022
How a group of friends found themselves at the center of a fierce debate about the future of art.
18-04-2024 11:00
Kremlin-backed actors spread disinformation ahead of US elections
To a lesser extent, China and Iran also peddle disinfo in hopes of influencing voters.
17-04-2024 21:55
Broadcom says “many” VMware perpetual licenses got support extensions
Broadcom reportedly accused of changing VMware licensing and support conditions.
17-04-2024 16:44
Keeper Security Offers Built-In Passphrase Generator to Strengthen Security
Today Keeper Security have announced the addition of a passphrase generator to Keeper Web Vault, with support on mobile and for the browser extension coming soon. The release also includes an update to the existing password generator which provides users
17-04-2024 14:58
Human Risk: An Organisation’s Biggest Problem and Greatest Opportunity
Organisations often lean on the ‘People, Process, and Technology’ (PPT) framework as a way of demarcating value streams and driving action. When managed well, the triad works in unison to ensure a comprehensive and layered approach to defence. But what h
17-04-2024 14:18
Flyfish Review – How Reliable are this Company’s Payroll Management Solutions?
Running a business in today’s competitive landscape can be tough, especially if you want to expand internationally. Doing it alone can be overwhelming, which is why companies like Flyfish can be invaluable. They specialize in corporate payroll solu
17-04-2024 10:36
Linus Torvalds reiterates his tabs-versus-spaces stance with a kernel trap
One does not simply suggest changing a kernel line to help out a parsing tool.
16-04-2024 21:51
Attackers are pummeling networks around the world with millions of login attempts
Attacks coming from nearly 4,000 IP addresses take aim at VPNs, SSH and web apps.
16-04-2024 21:31
New UK law targets “despicable individuals” who create AI sex deepfakes
Under new law, those who create the images would face a fine and possible jail time.
16-04-2024 14:51
Why the US government’s overreliance on Microsoft is a big problem
Microsoft continues to get a free pass after series of cybersecurity failures.
16-04-2024 13:55
Pentest People Becomes the First Leeds-based Cybersecurity Company to Achieve NCSC’s Cyber Advisor (Cyber Essentials) Accreditation
Pentest People, the Penetration Testing as a Service (PTaaS®) and cybersecurity experts, today announces it is the first Leeds-based cybersecurity company to become a qualified and approved Cyber Advisor (Cyber Essentials) on the NCSC’s Cyber Advisor sch
16-04-2024 13:15
Alleged cryptojacking scheme consumed $3.5M of stolen computing to make just $1M
Indictment says man tricked cloud providers into giving him services he never paid for.
15-04-2024 19:46
#MIWIC24 Cyber Marketeer of the Year: Laura Reilly
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on this year’s winner of the Paula Brici Cyber Ma
15-04-2024 13:02
Framework’s software and firmware have been a mess, but it’s working on them
New features, security updates, and Linux support are all on a long to-do list.
15-04-2024 11:00
Change Healthcare faces another ransomware threat—and it looks credible
Hackers already received a $22 million payment. Now a second group demands money.
13-04-2024 18:25
“Highly capable” hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
12-04-2024 20:48
Words are flowing out like endless rain: Recapping a busy week of LLM news
Gemini 1.5 Pro launch, new version of GPT-4 Turbo, new Mistral model, and more.
12-04-2024 20:31
The Zensory Partners with UK Cyber Week to Showcase Importance of Inclusivity With ‘The Inclusive Cyber Space’
Popular wellbeing and productivity platform The Zensory have partnered with renowned speaker Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting at Stott and May, and NeuroCyber, the organisation dedicated to growing neurodiversity in
12-04-2024 14:01
Intel’s “Gaudi 3” AI accelerator chip may give Nvidia’s H100 a run for its money
Intel claims 50% more speed when running AI language models vs. the market leader.
11-04-2024 20:56
Hackable Intel and Lenovo hardware that went undetected for 5 years won’t ever be fixed
Multiple links in the supply chain failed for years to identify an unfixed vulnerability.
11-04-2024 18:53
Unveiling the Cyber Well-Being Conundrum: Navigating Burnout’s Impact on Charity and SME Cybersecurity
As we delve deeper as an industry into the intersection of emotional well-being and cybersecurity, it has become more evident than ever before that workplace culture profoundly impacts cyber risk. It is critical we all recognise industry-specific challen
11-04-2024 08:32
AT&T: Data breach affects 73 million or 51 million customers. No, we won’t explain.
When the data was published in 2021, the company said it didn't belong to its customers.
10-04-2024 22:28
New AI music generator Udio synthesizes realistic music on demand
But it still needs trial and error to generate high-quality results.
10-04-2024 21:47
A Quarter of UK Business Are Not Using AI to Bolster Cybersecurity
New research by Hornetsecurity highlights the AI cybersecurity gap affecting UK businesses. Although nearly half (45%) of companies have fallen victim to cyberattacks, 26% are still not using AI to enhance their cybersecurity defences. The survey, which
10-04-2024 12:44
Hack The Box redefines cybersecurity performance, setting new standards in the cyber readiness of organizations
Companies can level up their cybersecurity defenses – eliminating the skills and knowledge gaps that criminals regularly exploit thanks to Hack The Box’s Cyber Performance Center. Hack The Box’s Cyber Performance Center unites individual ability, b
10-04-2024 12:25
Thousands of LG TVs are vulnerable to takeover—here’s how to ensure yours isn’t one
LG patches four vulnerabilities that allow malicious hackers to commandeer TVs.
09-04-2024 19:12
Elon Musk: AI will be smarter than any human around the end of next year
While Musk says superintelligence is coming soon, one critic says prediction is "batsh*t crazy."
09-04-2024 17:25
#MIWIC2024: Illyana Mullins, Founder of WiTCH (Women in Tech and Cyber Hub CIC)
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
09-04-2024 13:25
Synopsys Introduces Latest Solution for Comprehensive Security Across Software Supply Chains
Synopsys has introduced Black Duck® Supply Chain Edition, a novel software composition analysis (SCA) solution. This offering aids organisations in mitigating upstream risks within their software supply chains. Black Duck® Supply Chain Edition amalgamate
09-04-2024 12:52
Keeper Security Tightens Access Control with New Features
Today, Keeper Security have announced the introduction of Time-Limited Access and Self-Destructing Records, boosting secure access management for businesses. These features address the growing need for robust data protection in today’s fast-paced e
09-04-2024 12:43
Using emerging technology to bridge the cyber skills gap
While the UK’s cyber security skills gap is no secret, it seems there has been little progress made in solving it. The 2023 government report on cyber security skills in the UK labour market found that half of all businesses have a basic cyber security s
09-04-2024 11:48
Expert Insight: Growing Your Mindset
The ethos of continuous learning and adaptability has played a major role in my tech industry experience. I’ve come to recognize the importance of adopting a growth mindset and embracing challenges as avenues for growth. I’ve always been curious, t
09-04-2024 11:46
MIT License text becomes viral “sad girl” piano ballad generated by AI
"Permission is hereby granted" comes from Suno AI engine that creates new songs on demand.
08-04-2024 22:46
Critical takeover vulnerabilities in 92,000 D-Link devices under active exploitation
D-Link won't be patching vulnerable NAS devices because they're no longer supported.
08-04-2024 18:56
#MIWIC2024: Jennifer Fernick, Senior Staff Security Engineer, Encryption Lead, Google
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
08-04-2024 16:07
4 lessons industrial companies can draw from the British Library cyberattack
While cyberattacks occur daily, few garner as much attention and media coverage as the attack that struck the British Library in October 2023. The attack, which paralysed the Library’s online systems for months and caused an estimated cost of £7 million,
08-04-2024 14:20
What Lies Ahead for Cybersecurity in the Era of Generative AI?
Generative AI (GenAI) is a top player changing the internet’s landscape. Infiltrating various markets, it presents new and enhanced risks to this landscape. At the same time, the possibilities enamor many people. However, that doesn’t mean just as many
05-04-2024 19:39
German state gov. ditching Windows for Linux, 30K workers migrating
Schleswig-Holstein looks to succeed where Munich failed.
05-04-2024 19:03
Ivanti CEO pledges to “fundamentally transform” its hard-hit security model
Part of the reset involves AI-powered documentation search and call routing.
05-04-2024 17:05
#MIWIC2024: Nikki Webb, Global Channel Manager at Custodian360
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
05-04-2024 14:00
Fake AI law firms are sending fake DMCA threats to generate fake SEO gains
How one journalist found himself targeted by generative AI over a keyfob photo.
04-04-2024 18:50
Expert Insight: Breaking the glass firewall: Building a cybersecurity sisterhood
It’s no secret that the gender gap in cybersecurity is a worldwide issue, with women currently representing only 24% of the global cybersecurity workforce. This gender disparity can be coined as a ‘glass firewall’ – cybersecurity’s version of
04-04-2024 09:29
#MIWIC2024: Stephanie Luangraj, CEO and Founder of WomenWhoSecure
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
04-04-2024 09:15
AI hype invades Taco Bell and Pizza Hut
Everything is suddenly "AI" in corporate food marketing, and we may have hit peak buzz.
03-04-2024 18:59
Microsoft blamed for “a cascade of security failures” in Exchange breach report
Summer 2023 intrusion pinned to corporate culture, "avoidable errors."
03-04-2024 18:51
#MIWIC2024: Hazel McPherson, CISO at ALD Automotive
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
03-04-2024 16:26
TSMC “still assessing” chipmaking facilities after 7.4-magnitude quake hits Taiwan
TSMC makes most high-end chips for Apple, Nvidia, AMD, and others.
03-04-2024 16:06
IoT Botnets and Infostealers Frequently Target Retail Sector
New research by Netskope Threat Labs has revealed that IoT botnets, remote access tools and infostealers were the key malware families deployed by attackers targeting the retail sector in the past year. The findings were revealed in a new report on the r
03-04-2024 15:54
Why your data isn’t as safe as you think and what it could cost you
We’ve all been guilty of not backing up important files, only learning our lesson after losing family photos, documents or homework. But for businesses, not backing up data can be a costly mistake. To mark this year’s World Cloud Security Day, Alan Steph
03-04-2024 14:32
Salt Security Launches AI-Powered Assistant Pepper
Today, API security company Salt Security have announced the release of Pepper, an in-product assistant and, notably, an AI-powered knowledge-based assistant. Salt is embracing the value of artificial intelligence (AI) with this capability, making it eas
03-04-2024 13:48
The fine art of human prompt engineering: How to talk to a person like ChatGPT
People are more like AI language models than you might think. Here are some prompting tips.
03-04-2024 11:30
Missouri county declares state of emergency amid suspected ransomware attack
Outage occurs on same day as special election, but elections offices remain open.
02-04-2024 23:59
Billie Eilish, Pearl Jam, 200 artists say AI poses existential threat to their livelihoods
Artists say AI will "set in motion a race to the bottom that will degrade the value of our work."
02-04-2024 20:14
Broadcom execs say VMware price, subscription complaints are unwarranted
Industry groups aren't giving up hope for government intervention.
02-04-2024 19:19
Cato Shatters SASE Speed Record
Ahead of the 2024 Tokyo E-Prix, the team at Cato Networks have announced a new SASE throughput record of 10 Gbps without hardware upgrades. The record was achieved at the Porsche Studio Ginza. At 10 Gbps, Cato became the first SASE platform to compete no
02-04-2024 10:56
#MIWIC2024: Dr. Iretioluwa Akerele, Co-Founder of Cyblack
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed p
02-04-2024 10:38
Expert Insight: Why do women feel cybersecurity isn’t for them?
Women represent only 30% of the global cybersecurity workforce, reflecting a slow growth rate and pervasive social inequalities. As we witness a concerning increase in cyber harm and a widening skills gap within the industry, it becomes imperative to eng
02-04-2024 10:21
Keeper Security Announces Passkey Support on Mobile Devices
Today, password management leaders Keeper Security have announced support for passkey management on iOS and Android mobile devices. With Keeper, passkeys are created, stored and managed in the Keeper Vault, and can be used to log in to websites and appli
02-04-2024 10:07
OpenAI drops login requirements for ChatGPT’s free version
As competition heats up, free version of ChatGPT still falls far short of paid version in capability.
01-04-2024 22:31
Microsoft splits up the Teams and Office apps worldwide, following EU split
Changes may save a bit of money for people who want Office apps without Teams.
01-04-2024 20:12
Redis’ license change and forking are a mess that everybody can feel bad about
Cloud firms want a version of Redis that's still open to managed service resale.
01-04-2024 17:47
What we know about the xz Utils backdoor that almost infected the world
Malicious updates made to a ubiquitous tool were a few weeks away from going mainstream.
01-04-2024 06:55
Playboy image from 1972 gets ban from IEEE computer journals
Use of "Lenna" image in computer image processing research stretches back to the 1970s.
29-03-2024 21:16
Backdoor found in widely used Linux utility targets encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.
29-03-2024 18:50
Backdoor found in widely used Linux utility breaks encrypted SSH connections
Malicious code planted in xz Utils has been circulating for more than a month.
29-03-2024 18:50
OpenAI holds back wide release of voice-cloning tech due to misuse concerns
Voice Engine can clone voices with 15 seconds of audio, but OpenAI is warning of potential harms.
29-03-2024 17:13
PyPI halted new users and projects while it fended off supply-chain attack
Automation is making attacks on open source code repositories harder to fight.
28-03-2024 18:50
Ubuntu will manually review Snap Store after crypto wallet scams
Former Canonical employee calls out the "Safe" label applied to Snap apps.
28-03-2024 18:23
Proxmox gives VMware ESXi users a place to go after Broadcom kills free version
New import wizard makes the switch from ESXi to Proxmox a bit more graceful.
28-03-2024 17:15
Coro Secures $100 Million Funding Round
Coro, the leading cybersecurity platform purpose-built for small and medium-sized enterprises (SMEs), today announced it has secured $100 million in Series D funding led by One Peak, with participation from existing investors Energy Impact Partners and B
28-03-2024 12:18
source : arstechnica, darkreading, itsecurityguru