Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Octo Tempest cybercriminal group is "a growing concern"—Microsoft

Categories: News Categories: Ransomware Tags: ALPHV Tags: Octo Tempest Tags: RaaS Tags: LOTL Tags: social engineering Tags: SIM swapping A group of cybercriminals known for advanced social engineering attacks has joined one of the biggest ransomware groups as an affiliate. (Read more...) The post Octo Tempest cybercriminal group is "a growing concern"—Microsoft appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability#web#microsoft#vmware
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

Google has announced that it's expanding its Vulnerability Rewards Program (VRP) to reward researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. "Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or

CVE-2023-44323: Adobe: CVE-2023-44323 Adobe PDF Remote Code Execution Vulnerability

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 118.0.2088.76 10/27/2023 118.0.5993.117/.118

Microsoft: 0ktapus Cyberattackers Evolve to 'Most Dangerous' Status

The English-speaking cyberattack group behind the MGM and Caesars Entertainment attacks is adding unique capabilities and gaining in sophistication. Prepare now, Microsoft says.

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities of the financially motivated hacking crew, described the adversary as "one of the most dangerous financial criminal

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a downloader for further payloads," the PwC Threat Intelligence said in a Wednesday analysis. "It uses email

Protecting your intellectual property and AI models using Confidential Containers

Protecting intellectual property and proprietary artificial intelligence (AI) models has become increasingly important in today's business landscape. Unauthorized access can have disastrous consequences with respect to competitiveness, compliance and other vital factors, making it essential to implement leading security measures. Confidential computing is one of these technologies, using hardware-based trusted execution environments (TEEs) to create enclaves with strengthened security postures. These enclaves help protect sensitive data and computations from unauthorized access, even by pr

CVE-2023-5671: HP Print and Scan Doctor for Windows - Potential Escalation of Privilege

HP Print and Scan Doctor for Windows may potentially be vulnerable to escalation of privilege. HP is releasing software updates to mitigate the potential vulnerability.

Okta's Latest Security Breach Is Haunted by the Ghost of Incidents Past

A recent breach of authentication giant Okta has impacted nearly 200 of its clients. But repeated incidents and the company’s delayed disclosure have security experts calling foul.

Winter Vivern APT Blasts Webmail Zero-Day Bug With One-Click Exploit

A campaign targeting European governmental organizations and a think tank shows consistency from the low-profile threat group, which has ties to Belarus and Russia.