SEARCH
Archive
ColdFusion Exploit Used to Access Federal Agency
In two separate intrusions, attackers exploited a ColdFusion vulnerability (CVE-2023-26360) to compromise an unnamed federal government agency.
New AI Guidelines Focus on Safety and Security of Models, Data
New AI guidelines authored by CISA and the UK's NCSC stress the importance of secure design, development, deployment, and operation of AI models and tools.
EU Parliament Committee Rejects Mass Scanning of Encrypted Messages
A key European Union Parliament committee has rejected proposed language that would allow for mass scanning of encrypted messages.
‘Marriages of Convenience’ Between State Actors and Cybercriminals Provide Cover for Both
U.S. authorities warn that cooperative efforts between state-sponsored actors and cybercrime groups make life more difficult for defenders and law enforcement.
New Cyber Espionage Campaign Targets Tech, Government Entities
The newly discovered threat group compromises companies and then moves laterally on the network, exfiltrating data, logging keystrokes and more along the way.