Infosecurity Magazine

Google Researchers Claim First Vulnerability Found Using AI

Researchers from Google Project Zero and Google DeepMind discovered a vulnerability using a large language model (LLM). The vulnerability was found in SQLite, an open-source database engine, and reported to developers before its official release.

CISA Warns of Critical Software Vulnerabilities in Industrial Devices

The Cybersecurity and Infrastructure Security Agency (CISA) has urged manufacturing companies to apply mitigations after one Rockwell Automation and several Mitsubishi systems were found to be vulnerable to cyber-attacks.

LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

A vulnerability in the LiteSpeed Cache plugin for WordPress allows unauthorized users to gain administrator-level access, potentially leading to the installation of malicious plugins.

US and Israel Warn of Iranian Threat Actor’s New Tradecraft

The advisory highlighted new tactics used by Cotton Sandstorm, including new infrastructure tradecraft, harvesting open-source information, and incorporating generative AI in its operations.

Apple Rolls Out Major Security Update to Patch macOS and iOS Flaws

Apple released 90 security patches to address critical vulnerabilities. The update, launched on October 29, covers all Apple operating systems (macOS, iOS, iPadOS, watchOS, tvOS, visionOS) and services like Safari and iTunes.

Chenlun’s Evolving Phishing Tactics Target Trusted Brands

The newest wave of phishing, observed on October 18, 2024, involves messages alarming users about suspicious account activity and directing them to verify accounts through malicious links.

Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland

A team from Vietnam scooped the top prize at the very first Pwn2Own Ireland event on Friday, with over $1m in awards handed out by Trend Micro’s Zero Day Initiative (ZDI) for dozens of new discoveries.

New Type of Job Scam Targets Financially Vulnerable Populations

These "job scamming" operations prey on job seekers seeking remote work opportunities, offering enticing job opportunities in industries like music streaming and product reviews.

Ukraine Warns of Mass Phishing Campaign Targeting Citizens Data

The attackers, identified as UAC-0218, send phishing links disguised as bills or payment details, which actually contain malware designed to steal data from victims' devices.

MacOS-Focused Ransomware Attempts Leverage LockBit Brand

A cyber threat actor has been using an old LockBit builder to test a ransomware strain, dubbed 'macOS NotLockBit,' targeting Apple's macOS devices, as reported by SentinelLabs and Trend Micro.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags