Aggregator

A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log Handler. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-8003. The attack needs to be approached within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

Submit #393987 / VDB-275198

The art of detecting subtle anomalies, predicting emergent vulnerabilities and remediating novel cyber-attacks is becoming more refined, day by day.

Related: GenAI’s impact on elections

It turns out that the vast datasets churned out by cybersecurity toolsets happen to be … (more…)

The post NEWS ANALYSIS Q&A: The early going of Generative AI and LLMs impacting cybersecurity first appeared on The Last Watchdog.

The post NEWS ANALYSIS Q&A: The early going of Generative AI and LLMs impacting cybersecurity appeared first on Security Boulevard.

By Byron V. AcohidoThe art of detecting subtle anomalies, predicting emergent vulnerabilities and

Недавнее расследование раскрыло тайны сбора контента для ИИ.

根据网络安全公司 Chainalysis 发布的最新报告，2024 年上半年勒索软件受害者向网络犯罪分子支付了 4.598 亿美元。

Новый реестр может стать мишенью для геополитических противников.

A vulnerability has been found in Vmware Spring Framework up to 5.3.38 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SpEL Expression Handler. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-38808. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

日本禁止基于遗传信息的劳动歧视。日本厚生劳动省的文件规定，企业招聘选拔时，除了达成业务目的不可或缺的情况等以外，不允许收集可能成为社会性歧视原因的事项中包含遗传信息。若违反，基于《职业安定法》有可能成为行政处罚的对象。关于企业要求员工提供基因组信息的情况，文件举出《个人信息保护法》和《劳动安全卫生法》等根据，写入“无需同意相关要求”。认为企业以不提供为由降低人事评价等的做法不妥。文件说明称，根据《劳动合同法》，缺乏客观合理性或不符合社会常识的解雇属于滥用权利。指出“不认为基因组信息本身能成为解雇的合理理由”，若没有基因组信息以外的理由，则是滥用解雇权，解雇无效。

美国弗吉尼亚州集中了全球最大的数据中心基础设施。自 2019 年以来，弗吉尼亚州“数据中心小巷”数十个设施的用水量增长了近三分之二，环保人士警告称，AI 将导致对计算基础设施的需求“爆炸式增长”。亚马逊、Google 和微软在该地都有数据中心。数据显示，2023 年数据中心小巷的用水量至少达到了 18.5 亿加仑（70 亿升），相比下 2019 年的用水量为 11.3 亿加仑。根据 Dgtl Infra 的估计，2023 年美国数据中心消耗了逾 750 亿加仑的水。美国银行去年 11 月估计，数据中心是美国第十大用水户。

Арест администратора Bohemia Market положил конец крупнейшей онлайн-площадке нелегальных товаров.

The Federal Bureau of Investigation (FBI), in collaboration with the Office of the Director of National Intelligence (ODNI) and the Cybersecurity and Infrastructure Security Agency (CISA), has confirmed that Iranian hackers were responsible for a recent cyberattack targeting former President Donald Trump’s campaign. This revelation underscores the ongoing threat of foreign interference in U.S. elections, […]

The post FBI Investigation Confirms that Iran Hackers Behind Trump Campaign Hack appeared first on Cyber Security News.

Lazarus эксплуатирует 0day для установки руткита.

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported. The threat actor ZeroSevenGroup claims to have […]

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forumTo

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forumTo

27岁的俄罗斯公民格奥尔基·卡夫扎拉泽（Georgy Kavzharadze）因在Slilpp上出售超过30万个账户的登录凭证，被判处4个月的监禁。

近日，一场大规模勒索活动利用可公开访问的环境变量文件（.env）入侵了多个组织，这些文件包含与云和社交媒体应用程序相关的凭据。

PS4和PS5中的WebKit漏洞指的是其浏览器中发现的WebKit引擎漏洞。