[ad_1] Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations. “Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities,” Google…
[ad_1] Jan 30, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution. The vulnerability, rated a CVSS score of 9.4, enables “attackers to potentially execute arbitrary commands with root privileges” by exploiting a hidden…
[ad_1] Jan 30, 2025Ravie LakshmananOnline Fraud / Cybercrime An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP. The effort has targeted the following domains – www.cracked.io www.nulled.to www.mysellix.io www.sellix.io www.starkrdp.io Visitors to these websites are now greeted by a seizure…
[ad_1] The job of a SOC analyst has never been easy. Faced with an overwhelming flood of daily alerts, analysts (and sometimes IT teams who are doubling as SecOps) must try and triage thousands of security alerts—often false positives—just to identify a handful of real threats. This relentless, 24/7 work leads to alert fatigue, desensitization,…
[ad_1] Jan 30, 2025Ravie LakshmananVulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service (DDoS) attacks. The vulnerability in question is CVE-2024-41710 (CVSS score: 6.8), a case of…
[ad_1] Jan 30, 2025Ravie LakshmananWeb Security / Vulnerability Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affected instances. “When an authenticated Voyager user clicks on a malicious link, attackers can execute arbitrary code on the server,” Sonar…
[ad_1] Jan 29, 2025Ravie LakshmananThreat Intelligence / Malware The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns. “Each C2 server hosted a web-based administrative platform, built with…
[ad_1] Jan 29, 2025Ravie LakshmananVulnerability / Threat Intelligence A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a maximum of…
[ad_1] A team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome. The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon…
[ad_1] Jan 29, 2025The Hacker NewsThreat Detection / Artificial Intelligence Curious about the buzz around AI in cybersecurity? Wonder if it’s just a shiny new toy in the tech world or a serious game changer? Let’s unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI…
