Edgeless Systems Brings Confidential Computing to AI
Michael Vizard | | AI, Artificial Intelligence, confidential computing, Edgeless Systems, encryption
Edgeless Systems Continuum platform applies confidential computing to artificial intelligence (AI) workloads to better secure them ... Read More
HHS to Investigate Change’s Security in Wake of Crippling Cyberattack
The U.S. Department of Health and Human Services (HHS) is opening an investigation into UnitedHealth and its Change Healthcare subsidiary following a ransomware attack that for three weeks has essentially shut down payments to health care providers and hobbled pharmacies trying to fill prescriptions. Noting the “unprecedented magnitude of this ... Read More
Google Splashes the Cash in Bug Bounty Bonanza: $59 Million to Date
Richi Jennings | | alphabet, bounty, bug bounty, bug bounty program, bugbounty, ethical hacker, ethical hackers, ethical hacking, google, SB Blogwatch, Vulnerability Rewards Program (VRP), white hat, white hat hacker, white hat hackers, White Hat Security, White Hats, WhiteHat, whitehat hackers, WhiteHat Security
Wanna be a VRP VIP? Last year, $GOOG paid $10 million to ethical hackers for finding vulnerabilities ... Read More
JetBrains Says Rapid7’s Fast Release of Flaw Details Harmed Users
Jeffrey Burt | | coordinated vulnerability disclosure, JetBrains TeamCity, rapid7, security vulnerabilites
JetBrains is continuing to criticize Rapid7’s policy for disclosing vulnerabilities its researchers uncover, saying the cybersecurity firm’s quick release of details of flaws in JetBrains’ TeamCity platform harmed some customers and runs counter to other companies’ processes. Rapid7 disclosed details of two vulnerabilities in JetBrains’ developer platform hours after the ... Read More
Phishing Threats Rise as Malicious Actors Target Messaging Platforms
As messaging apps like Telegram gain popularity, cybercriminals are increasingly finding they are an attractive vector for phishing attacks ... Read More
DOJ Warns Using AI in Crimes Will Mean Harsher Sentences
U.S. Deputy Attorney General Lisa Monaco last month was in the UK speaking at the University of Oxford and outlining the different paths the Justice Department is taking to address the benefits and threats associated with AI. Monaco spoke about how existing laws offer a “firm foundation” as the law ... Read More
Broadcom Merging Carbon Black, Symantec to Create Security Unit
Carbon Black’s uncertain future following the closing of Broadcom’s $69 billion acquisition of VMware in November is now settled, with the security software business merging with Symantec to form Broadcom’s new Enterprise Security Group. Broadcom will make “significant investments in both brands” and offer both Carbon Black and Symantec product ... Read More
Irony of Ironies: CISA Hacked — ‘by China’
Richi Jennings | | china, china espionage, Chinese, Chinese Communists, Chinese drive-by attack, chinese government, chinese hacker, Chinese hackers, Chinese state-sponsored hacking group, Chinese Threat Actors, CIRCIA, cisa, CISA.gov, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Cyber Security and Infrastructure Security Agency, Cybersecurity & Infrastructure Security Agency, Cybersecurity and Infrastructure Agency, Data Stolen By China, federal agency, Ivanti, Ivanti Connect Secure, Ivanti Policy Secure, Ivanti security, Ivanti Vulnerabilities, Ivanti Zero day vulnerability, Ligolo, Magnet Goblin, NerbianRAT, NSA/CISA, Peoples Republic of China, SB Blogwatch, Volt Typhoon, WARPWIRE
Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti ... Read More
Threat Groups Rush to Exploit JetBrains’ TeamCity CI/CD Security Flaws
The cyberthreats to users of JetBrains’ TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for initial access and a search engine reporting that 1,442 vulnerable instances showed signs ... Read More
CrowdStrike Extends Scope and Reach of Cybersecurity Portfolio
CrowdStrike acquired Flow Security to add DSPM to its portfolio and is offering an MDR service from Dell that integrates with its Falcon XDR ... Read More