Microsoft has released the KB5049981 cumulative update for Windows 10 22H2 and Windows 10 21H2, which contains an updated Kernel […]
Windows 10 KB5049981 update released with new BYOVD blocklist Read Post »
Today is Microsoft’s January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws Read Post »
Microsoft has released the Windows 11 KB5050009 and KB5050021 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities
Windows 11 KB5050009 & KB5050021 cumulative updates released Read Post »
A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to
Google OAuth flaw lets attackers gain access to abandoned accounts Read Post »
This is a current list of where and when I am scheduled to speak: I’m speaking on “AI: Trust &
Upcoming Speaking Engagements Read Post »
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.
The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation Read Post »
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering Read Post »
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to date.
“The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms,” Check Point Research said in a new report shared with The Hacker News. “
AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics Read Post »
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to
Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs Read Post »
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution.
The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14.
“Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices Read Post »