Security Bulletin

Attacks by Chinese hackers have been targeted at Canada's critical infrastructure, with intrusions against U.S. critical infrastructure remaining a significant concern due to "cross-border interoperability and interdependence."

Application security teams from Fortune 500 companies are already using Noma's life cycle platform, which offers organizations data and AI supply chain security, AI security posture management, and AI threat detection and response.

After exploiting the Safari remote code execution flaw, tracked as CVE-2020-9802, for initial access, the updated LightSpy payload triggers an exploit chain with jailbreak and loader stages prior to malware core delivery on devices running on iOS...

Knee-jerk reactions to major vendor outages could do more harm than good.

Attackers leveraged pernicious ads to lure targets into downloading ZIP packages with the malicious Electron app in the guise of legitimate software, which downloads the SYS01 infostealer that primarily compromises Facebook credentials while...

On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an extensive seafaring espionage effort.

Az elmúlt időszakban jelentősen megnövekedett a látszólag magyar féltől érkező, magyar nyelvű, telefonos vagy csevegőplatformokon keresztüli közvetlen megkeresésen alapuló internetes csalási kísérletek száma.

Despite the absence of laws specifically covering AI-based attacks, regulators can use existing rules around fraud and deceptive business practices.

The company's data loss prevention platform helps customers identify and classify data across SaaS and GenAI applications, endpoints, and emails.

The “Jumpy Pisces” cyberespionage group appeared to provide initial access for ransomware deployment.

The National Security Memorandum on Artificial Intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about such attacks.

The Russian-backed group is using a novel access vector to harvest victim data and compromise devices in a large-scale intelligence-gathering operation.