SEARCH
Thousands of FortiGate Devices Compromised in Ongoing Campaign
The Dutch Military Intelligence and Security Service said it has identified more than 20,000 FortiGate devices that have been compromised by a Chinese state-sponsored threat group.
Ransomware Attacks Leverage Recent Critical PHP Flaw
A recently disclosed PHP argument injection flaw (CVE-2024-4577) is being used in ransomware attacks, according to threat researchers and CISA.
Decipher Podcast: The Microsoft Recall Recall
A few days after Microsoft announced the new AI-enabled Recall feature--generating tremendous concerns and pushback from the security and privacy communities--the company had decided to disable it by default, but many concerns still remain. A month after the company's CEO proclaimed that it would be "prioritizing security above all else", how did this happen?
Mandiant: 165 Snowflake Customers ‘Potentially Exposed’ in Campaign
Researchers with Mandiant said that since at least April 14, the threat group behind the attack has used stolen credentials to access over 100 customer tenants. Some of the credentials were stolen via infostealer malware as early as 2020.
The Emerging Ecosystem Dedicated to AI Accountability
A new ecosystem of security researchers is emerging, looking to sniff out data security and privacy issues in AI systems and grappling with issues like a lack of transparency into and understanding of LLMs.