Security
Headlines
HeadlinesLatestCVEs

Source

DARKReading

Versa Introduces Integrated Endpoint Data Loss Prevention in SASE Solution

DARKReading
#git#ssl
Cleo MFT Zero-Day Exploits Are About Escalate, Analysts Warn

Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.

Generative AI Security Tools Go Open Source

Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security.

With 'TPUXtract,' Attackers Can Steal Orgs' AI Models

A new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network — meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves.

Test Your Cyber Skills With the SANS Holiday Hack Challenge

Open to players of all skill levels, the "Snow-mageddon" cybersecurity competition takes place in the world of Santa, elves, and Christmas mayhem.

OData Injection Risk in Low-Code/No-Code Environments

As the adoption of LCNC grows, so will the complexity of the threats organizations face.

'Dubai Police' Lures Anchor Wave of UAE Mobile Attacks

A sophisticated social engineering cybercrime campaign bent on financial gain was observed being run from Tencent servers in Singapore.

Lloyd's of London Launches New Cyber Insurance Consortium

Under the program, HITRUST-certified organizations gain access to exclusive coverage and rates.

336K Prometheus Instances Exposed to DoS, 'Repojacking'

Open source Prometheus servers and exporters are leaking plaintext passwords and tokens, along with API addresses of internal locations.

Chinese Cops Caught Using Android Spyware to Track Mobile Devices

Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows.