Google has announced that it’s expanding its Vulnerability Rewards Program (VRP) to compensate researchers for finding attack scenarios tailored to generative artificial intelligence (AI) systems in an effort to bolster AI safety and security. “Generative AI raises new and different concerns than traditional digital security, such as the potential for unfair bias, model manipulation or misinterpretations
Read More
The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software. The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat
Read More
Threat actors have been observed serving malicious code by utilizing Binance’s Smart Chain (BSC) contracts in what has been described as the “next level of bulletproof hosting.” The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing malware campaign that leverages compromised WordPress sites to serve
Read More
Encrypted messaging app Signal has pushed back against “viral reports” of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. “After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels,” it said in a series
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all