Security Operations Centers (SOCs) today face unprecedented alert volumes and increasingly sophisticated threats. Triaging and investigating these alerts are costly, cumbersome, and increases analyst fatigue, burnout, and attrition. While artificial intelligence has emerged as a go-to solution, the term “AI” often blurs crucial distinctions. Not all AI is built equal, especially in the SOC. Many […]
Category Archives: Uncategorized
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed a new set of cyber attacks targeting Ukrainian institutions with information-stealing malware. The activity is aimed at military formations, law enforcement agencies, and local self-government bodies, particularly those located near Ukraine’s eastern border, the agency said. The attacks involve distributing phishing emails Go to Source […]
A recently disclosed critical security flaw impacting CrushFTP has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog after reports emerged of active exploitation in the wild. The vulnerability is a case of authentication bypass that could permit an unauthenticated attacker to take over susceptible instances. […]
Google has shipped patches for 62 vulnerabilities, two of which it said have been exploited in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-53150 (CVSS score: 7.8) – An out-of-bounds flaw in the USB sub-component of Kernel that could result in information disclosure CVE-2024-53197 (CVSS score: 7.8) – A privilege escalation flaw […]
Researchers found the threat actor attempting to use the now-patched flaw to load and execute a malicious dynamic link library on infected systems. Go to Source Author: Jai Vijayan, Contributing Writer
The changes will go into effect over the next several days to reflect which CVEs are being prioritized in the National Vulnerability Database (NVD). Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The 20-year-old was arrested in January 2024 alongside four other group members who carried out related cybercriminal acts, earning them similar charges. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
“Xanthorox AI” provides a modular GenAI platform for offensive cyberattacks, which supplies a model-agnostic, one-stop shop for developing a range of cybercriminal operations. Go to Source Author: Elizabeth Montalbano, Contributing Writer
As threats evolve and technology changes, our ability to work together across generations will determine our success. Go to Source Author: Han Cho
Cybersecurity agencies from Australia, Canada, New Zealand, and the United States have published a joint advisory about the risks associated with a technique called fast flux that has been adopted by threat actors to obscure a command-and-control (C2) channel. “‘Fast flux’ is a technique used to obfuscate the locations of malicious servers through rapidly changing […]