Microsoft’s March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Mar 13, 2024NewsroomPatch Tuesday / Software Update Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is […]
How to Identify a Cyber Adversary: What to Look For
COMMENTARY Cyber-incident attribution gets a lot of attention, for good reasons. Identifying the actor(s) behind an attack enables taking legal or political action against the adversary and helps cybersecurity researchers recognize and prevent future threats. As I wrote in the first part of this series, attribution is both a technical and analytical process. Therefore, extracting the […]
AT&T says leaked data of 70 million people is not from its systems
AT&T says a massive trove of data impacting 71 million people did not originate from its systems after a hacker leaked it on a cybercrime forum and claimed it was stolen in a 2021 breach of the company. While BleepingComputer has not been able to confirm the legitimacy of all the data in the database, […]
Researchers Highlight Google’s Gemini AI Susceptibility to LLM Threats
Mar 13, 2024NewsroomLarge Language Model / AI Security Google’s Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well […]
Windows SmartScreen Bypass Flaw Exploited to Drop DarkGate RAT
DarkGate malware operators have been exploiting a now-patched Windows SmartScreen bypass flaw through a phishing campaign that distributes fake Microsoft software installers to propagate the malicious code. Trend Micro researchers, among others, discovered a then zero-day Internet Shortcut Files security feature bypass vulnerability tracked as CVE-2024-21412 earlier this year, which Microsoft patched as part of its […]
Microsoft again bothers Chrome users with Bing popup ads in Windows
Microsoft is once again harassing Google Chrome users on Windows 10 and Windows 11 with popup desktop advertisements promoting Bing and its GPT-4 Bing Chat platform. However, due to the quality of the pixelated ads, some who received them were concerned that they were being displayed by malware, even though the embedded links led directly to Microsoft. […]
Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms
Mar 13, 2024The Hacker NewsSaaS Security / Webinar Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any […]