Software Security Archives - Page 4 of 27

ChatGPT Showcases Promise of AI in Developing Malware

Issued by: DataBreach Today

Cybercriminals have lost little time in converting the artificial intelligence capabilities of ChatGPT to malicious purposes by using it to generate malware scripts. Security researchers at Check Point found members of the low-level hacking community Breach Forums posting over the past few weeks the results of interactions with the OpenAI-developed tool. They include a machine-learning…

Software Security

Rackspace Ransomware Incident Highlights Risks of Relying on Mitigation Alone

Issued by: Dark Reading

The recent ransomware incident at Rackspace that took down the company’s hosted Microsoft Exchange server environment has focused attention on the often-risky gamble that security teams take when choosing to mitigate a vulnerability — rather than apply a patch for it. Last week, Rackspace disclosed that a Dec. 2 intrusion into the hosting company’s Exchange…

Software Security

Cyberattackers Torch Python Machine Learning Project

Issued by: Dark Reading

An unknown attacker slipped a malicious binary into the PyTorch machine learning project by registering a malicious project with the Python Package Index (PyPI), infecting users’ machines if they downloaded a nightly build between Dec. 25 and Dec. 30. The PyTorch Foundation stated in an advisory on Dec. 31 that the effort was a dependency…

Software Security

Healthcare Providers and Hospitals Under Ransomware’s Siege

Issued by: Dark Reading

While ransomware groups have not spared any industry, attackers have put the healthcare sector at the top of their preferred targets. The surge in hospitals falling victim to breaches has raised concerns among regulators and government officials who have moved to push through new policies and legislation. CommonSpirit, one of the largest nonprofit healthcare systems…

Software Security

Hackers stole $3 million worth of cryptocurrency from BTC.com

Issued by: Security Affairs

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the extraction of new Bitcoin coins. BTC.com is one of the largest platforms for transferring Bitcoin…

Software Security

Critical “10-out-of-10” Linux kernel SMB hole – should you worry?

Issued by: Naked Security

Just before the Christmas weekend – in fact, at about the same time that beleaguered password management service LastPass was admitting that, yes, your password vaults were stolen by criminals after all – we noticed a serious-sounding Linux kernel vulnerability that hit the news. The alerts came from Trend Micro’s Zero Day Initiative (ZDI), probably…

Software Security

Apple’s AirTag stalker safeguards are “woefully inadequate,” alleges lawsuit

Issued by: Malwarebytes

Two women filed a proposed class-action lawsuit on Monday, December 5, in the United States District Court for the Northern District of California against Apple, the makers of AirTags. Airtags are a small Bluetooth-enabled devices designed to track personal belongings. The suit accuses the company of failure to introduce measures to combat abuse of the…

Application Security, Software Security

Major Security Breach From Business Users’ Low-Code Apps Could Come in 2023, Analysts Warn

Issued by: Dark Reading

In a recent report, Forrester analysts warned of a looming major security breach at a large enterprise in 2023 rooted in business users using low-code/no-code (LCNC). The first part of this prediction is, unfortunately, a shared industry assumption: It would be surprising if we had an entire year without major headline security breaches. But the…

Software Security

Moving your Microsoft environment to zero trust

Issued by: Help Net Security

Zero trust is a concept that’s easy to grasp but incredibly difficult to implement. It touches almost every system, component, application, and resource within an enterprise, and requires a strategic framework and specific tools and technologies to achieve best practice results. As organizations move Microsoft environments towards zero trust, it’s vital to ensure that all…

Application Security, Software Security

Bearer, Notebook Labs, Protexxa Raise Millions in Seed Funding

Issued by: Security Week

Bearer, a San Francisco-based company founded in 2018, has received a $4 million investment from Kima Ventures, Partech and Point Nine, bringing the total raised by the company to $8 million. The startup’s data security SaaS solution helps organizations identify technical and business logic flaws in code during the development cycle, and ensure data security…