Security Bulletin

Healthcare, telecommunications, and financial services firms across the U.S., Mexico, Columbia, Spain, and South Africa are having their Oracle WebLogic servers vulnerable to the remote code execution flaw, tracked as CVE-202014883, targeted by the...

Telecommunications firms in Egypt, Tanzania, and Sudan have been subjected to attacks by Iranian state-sponsored threat operation MuddyWater last month, reports The Record, a news site by cybersecurity firm Recorded Future.

Sony-owned video game developer Insomniac Games had over 1.3 million files amounting to 1.67 TB.

Windows and macOS systems have been subjected to attacks leveraging the novel Go-based information-stealing malware JaskaGO, reports The Hacker News.

Cyber Command Deputy Chief and Air Force Lt.

Malicious attachments that exploit an RCE flaw from 2017 are propagating Agent Tesla via socially engineered emails and an evasive infection method.

Files purporting to be an F5 vulnerability patch are deleting server contents.

Threat intelligence feedback loops are an increasingly vital tool in the escalating battle against bots.

By reviewing the latest risks, organizations can better protect themselves against a dynamic threat landscape — and deploy technologies and policies that keep them better defended.

AI has tremendous potential to improve efficiency and outcomes in the public and private sectors. A holistic approach to AI and security is critical to achieving the potential of AI while minimizing the risks.

Here are four action items security teams can set around generative AI in 2024.