Open-Weight Chinese AI Models Drive Privacy Innovation in LLMs
Edge computing and stricter regulations may usher in a new era of AI privacy.
-
-
EMR-ISAC Shuts Down: What Happens Now?
The Emergency Management and Response – Information Sharing and Analysis Center provided essential information to the emergency services sector on physical and cyber threats and its closure leaves an information vacuum for these organizations.
-
Exploitation Risk Grows for Critical Cisco Bug
New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.
-
Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops Leak
An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware.
-
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations…
-
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Cybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations…
-
Australia Begins New Ransomware Payment Disclosure Rules
The country will require certain organizations to report ransomware payments and communications within 72 hours after they’re made or face potential civil penalties.
-
Critical Bugs Could Spark Takeover of Widely Used Fire Safety OT/ICS Platform
The unpatched security vulnerabilities in Consilium Safety’s CS5000 Fire Panel could create “serious safety issues” in environments where fire suppression and safety are paramount, according to a CISA advisory.
-
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows – CVE-2024-13915 (CVSS score: 6.9) – A pre-installed “com.pri.factorytest” application on…
-
Preinstalled Apps on Ulefone, Krüger&Matz Phones Let Any App Reset Device, Steal PIN
Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows – CVE-2024-13915 (CVSS score: 6.9) – A pre-installed “com.pri.factorytest” application on…