SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. “The vulnerabilities we found could have allowed attackers to access customers’ data…

Read More

Microsoft’s Partnership With Middle East AI Firm Under Scrutiny

A much-trumpeted deal between Microsoft and Group 42 in the Middle East and Africa could be quashed due to geopolitical concerns, as US policymakers raise questions about Group 42’s relationship with China, highlighting challenges US companies face in forging business ties in the region. Despite assurances from Group 42 that it is cutting all military…

Read More

Raman Research Institute scientists make breakthrough in cybersecurity

Scientists at the Raman Research Institute (RRI) have created a new, user-friendly way to generate truly unpredictable random numbers, which is crucial for stronger encryption in quantum communications. RRI said this advance could revolutionize how we protect sensitive data in the future a breakthrough in cyber security. Stopping malicious agents “The security of quantum communications…

Read More

Barracuda Launches email Protection Solution in India

According to a recent study, more than half of India’s CEOs put cloud-related threats at the top of their list of concerns Cybersecurity solutions company Barracuda Networks, Inc., has announced the expansion of email security products to the Indian market to help customers comply with national regulations while deploying Barracuda’s advanced email protection, data classification,…

Read More

Cisco Warns of regreSSHion RCE Impacting Multiple Products

Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…

Read More

Cybersecurity researchers of CloudSEK uncover rise in Investment scams on Social media

Investment scams primarily operate through social media and messaging platforms like WhatsApp and Telegram. CloudSEK found a surge in malicious content on these platforms — over 29,000 fraudulent ads on Facebook and a 81,000 fake investment groups on WhatsApp. The report covers an in-depth report exposing a troubling rise in investment scams targeting individuals in…

Read More

Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack

Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…

Read More

Intel Says No New Mitigations Required for Indirector CPU Attack

A team of researchers from the University of California San Diego has published a paper detailing a novel attack method targeting Intel CPUs. The chip giant says no new mitigations are required to address it.  The new attack, named Indirector, is similar to the well-known Spectre v2 or Spectre Branch Target Injection (BTI) attack.  These methods typically allow…

Read More

Aditya Birla Sun Life Insurance Appoints Santosh Sheshware as CISO

Santosh Sheshware has assumed the roles of Chief Information Security Officer and Head of Information Security at Aditya Birla Sun Life Insurance. This is a significant step towards enhancing the company’s cybersecurity framework. With over 17 years of experience in information security across prominent organizations like Bharti AXA Life, PNB MetLife, India Infoline group, HSBC,…

Read More

Deepfakes, Fraudsters and Hackers Are Coming for Cybersecurity Jobs

Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants. As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors—or simply applicants with over-embellished resumes. Globally, the cyber…

Read More