Skip to content
information security Page 128

information security

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

Apr 05, 2024NewsroomArtificial Intelligence / Supply Chain Attack New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges,… 

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

Apr 05, 2024NewsroomCyber Espionage / Cybersecurity Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an “evolving threat” called JSOutProx. “JSOutProx is a… 

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Apr 05, 2024NewsroomAdvanced Persistent Threat Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under… 

New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

Apr 04, 2024NewsroomPhishing Attack / Malware An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The phishing emails use a unique vehicle incident… 

Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

Ivanti Rushes Patches for 4 New Flaw in Connect Secure and Policy Secure

Apr 04, 2024NewsroomNetwork Security / Vulnerability Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of…