Category: Cyber Security News & Updates

Zenbleed: AMD Zen 2 Processors Vulnerable to Data Extraction A serious security flaw, known as Zenbleed (CVE-2023-20593), has been discovered in AMD’s Zen 2 processors, allowing attackers to extract sensitive data like encryption keys and

North Korean Group Targets Tech Firms with Social Engineering Scheme on GitHub GitHub has detected a low-frequency social engineering campaign aimed at employees of tech companies, particularly those linked to the blockchain, cryptocurrency, online gambling,

P2PInfect Worm: New Threat Exploiting Vulnerable Redis Servers on Linux and Windows Systems Cybersecurity researchers from Unit 42 have uncovered a novel peer-to-peer worm, P2PInfect, that targets vulnerable Redis instances on both Linux and Windows

Microsoft’s AI Assistant for Security Operations Centers to Enter Early-Access Preview Microsoft is expanding its Security Copilot service, an AI assistant for Security Operations Centers based on GPT-4, granting access to more customers and technology

Former IT Security Analyst Jailed for Attempting to Extort Employer in Cyber Attack Ashley Liles, a former IT security analyst, was sentenced to three years and seven months in prison for attempting to blackmail his

BreachForums Admin “Pompompurin” Pleads Guilty to High-Level Hacking Charges Conor Brian Fitzpatrick, known by his online alias “Pompompurin,” pleaded guilty to multiple hacking-related charges in the US District Court, including conspiracy to commit access device

NCSC Proposes Alternative Approaches to Traditional SOCs The UK’s National Cyber Security Centre (NCSC) has suggested strategies that could reduce or negate the need for Security Operations Centers (SOCs), which require significant time and resources.

GitHub User Dupes Security Researchers with Malicious Linux PoCs A GitHub user tricked security researchers by publishing malicious proofs-of-concept (PoCs) containing Linux backdoors. Researchers from Uptycs revealed that the user, now deactivated, had copied genuine

Microsoft Counters Chinese Cyber Espionage Attempt on Western European Governments On Tuesday, Microsoft announced that it had successfully defended against a cyber espionage campaign by a Chinese nation-state actor, identified as Storm-0558, targeting approximately 25

Apple invoked Rapid Security Response (RSR) to patch 0-day WebKit vulnerability impacting iPads, iPhones and MacsApple isn’t so “rapid” in patching security vulnerabilities, so this is only the second time Apple has invoked the Rapid