Insights

AI Gathering Your Data

AI systems usage is growing quickly. But few people understand the implications of using generative AI systems and chatbots. This Insight looks at the one of the key risks inherent in these systems and what to do about it. 

 

AI systems keep your data


Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users

A new adversary in the middle, AiiM, kit has recently appeared for sale on the Darkweb. The kit can show realistic looking Microsoft login pages for different MS services to steal user credentials. 

 

New attack avoids 2FA


CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

A new vulnerability rated at 9.8 has been found in Fortinet products, FortiOS, FortiPAM, FortiProxy, and FortiWeb. This vulnerability is being actively exploited and results in remote code execution. Palo Alto and Cisco also disclosed serious vulnerabilities. Install updates as soon as available. 

 

Multiple vulnerabilities - patch now


Firefox Zero-Day Under Attack: Update Your Browser Immediately

Firefox, the browser from Mozilla, has a very serious vulnerability rated at 9.8 out of 10 and can result in remote code execution. An update has been released, install as soon as possible. 

 

Firefox vulnerable update now


Single HTTP Request Can Exploit 6M WordPress Sites

WordPress is a very popular tool for creating websites. However, that also makes it a popular target for cybercriminals. Another vulnerability can easily 6 million sites.  

 

WordPress under attack again


AI Gathering Your Data

Generative AI systems can be very helpful in many ways. But they also have downsides that can lead to significant problems for a company. This Insight looks at the possible problems and suggests some protective measures.

 

Generative AI good and bad


Cyberattackers Use HR Targets to Lay More_Eggs Backdoor

Cyber attackers have gone after job seekers with fake job postings. Now attackers are applying for real jobs to target the HR Recruiters and deliver malware. Always changing tactics, be ever alert!

 

Both job seekers and HR are targeted


Python-Based Malware Slithers Into Systems via Legit VS Code

Python is a popular coding language that is in wide use. Researchers have found it is being compromised by cyberattackers who start with an email and then use Visual Studio Code to distribute more malware. The malware is insidious and hides well making it difficult to find and eradicate.  

 

Python attackers hide and use legitimate code


Near-'perfctl' Fileless Malware Targets Millions of Linux Servers

Malware that has been targeting Linux systems for years is getting more powerful and harder to eliminate. This article explains what it is, what it can do, and ways to mitigate it. 

Linux malware insidious


Thousands of DrayTek Routers at Risk From 14 Vulnerabilities

DrayTek routers offer many features for cyber protection. The integrated approach is helpful to home and small businesses. But they have many vulnerabilities, some quite serious. 

 

DrayTek routers have serious risks