admin

Intel Says No New Mitigations Required for Indirector CPU Attack

A team of researchers from the University of California San Diego has published a paper detailing a novel attack method targeting Intel CPUs. The chip giant says no new mitigations are required to address it.  The new attack, named Indirector, is similar to the well-known Spectre v2 or Spectre Branch Target Injection (BTI) attack.  These methods typically allow…

Read More

Aditya Birla Sun Life Insurance Appoints Santosh Sheshware as CISO

Santosh Sheshware has assumed the roles of Chief Information Security Officer and Head of Information Security at Aditya Birla Sun Life Insurance. This is a significant step towards enhancing the company’s cybersecurity framework. With over 17 years of experience in information security across prominent organizations like Bharti AXA Life, PNB MetLife, India Infoline group, HSBC,…

Read More

Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities

Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems.   The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on the victim…

Read More

Fortinet Acquires Unicorn Lacework to Enhance Cloud Security

Deal Integrates Lacework’s CNAPP into Fortinet’s Security Fabric and SASE Platform Fortinet extended a lifeline to troubled cloud security vendor Lacework, agreeing to purchase the late-stage startup that once earned the largest funding round in cybersecurity history. The Silicon Valley-based platform security vendor said the proposed acquisition of San Jose, California-based Lacework will enhance Fortinet’s…

Read More

Deepfakes, Fraudsters and Hackers Are Coming for Cybersecurity Jobs

Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants. As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors—or simply applicants with over-embellished resumes. Globally, the cyber…

Read More

Central cyber security agency warns users about vulnerabilities in Microsoft Edge

The Indian Computer Emergency Response Team has found multiple vulnerabilities in the Microsoft Edge browser. As per the agency, these vulnerabilities could potentially be exploited by an attacker to compromise the targeted system. After warning Android users of vulnerability, the Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics & Information…

Read More

Russian Hackers Claim Cyberattack on Spanish Defence Company

Santa Barbara Systems, a General Dynamics (GD.N) subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffered a cyberattack on its website, a pro-Russia hacker group said. A spokesperson for General Dynamics confirmed that the defence contractor’s Spanish unit had been targeted in an attempted cyberattack “that was detected immediately and has not…

Read More

SANS-GIAC Workforce research report for yr 2024 ‘Hire, Retain Mid-level cyber security professionals

SANS-GIAC Workforce research report for the year 2024 is based on a first-of-its-kind survey that analyzed the cybersecurity workforce with the goal of identifying the key factors to successfully build high-performing cybersecurity teams. The report focuses on efforts to hire and retain mid-level cyber security professionals The survey results analysed in this report zero in…

Read More

Tata Group working on 100 Gen AI projects: Chandrasekaran

Tata group chairman N Chandrasekaran on Friday said companies in the diversified group are executing over 100 generative artificial intelligence projects. AI can also have negative impacts, Chandrasekaran said, flagging potential job losses and privacy concerns as the areas we need to focus on. Addressing the group’s information technology (IT) services arm TCS’ 29th annual…

Read More

Trend Micro taps Nvidia Software tools for AI Cybersecurity Offering

On Sunday, Trend Micro announced its collaboration with Nvidia to develop new cybersecurity tools utilizing artificial intelligence, aimed at securing the data centers where AI operations occur. These tools, showcased at the Computex conference in Taiwan, are designed to run on Nvidia’s chips, detecting intruders and ensuring that only authorized personnel can access sensitive data….

Read More