Infosec news
In today's interconnected digital landscape, cyber security threats are no longer confined to national borders. Malware, phishing attacks, data breaches, and other forms of cyber crime can strike at any moment, anywhere in the world. To help you stay informed and prepared, our curated list aggregates the most important InfoSec news from around the globe. From major breach announcements to emerging trends in cyber security research, this roundup brings you the latest developments that impact your digital security and online privacy. Whether you're a security professional, IT administrator, or just tech-savvy individual, we've got you covered with the insights and intelligence you need to navigate our rapidly changing cyber environment.
Trump's Misguided Crusade: Inside the Fiasco that Left Venezuela Unchanged |
 A revelatory exposé from Wired highlights the US Central Intelligence Agency's covert operation against Venezuelan strongman Nicolás Maduro in 2018. The CIA infiltrated Venezuela's military payroll system, exposing embezzled funds meant for troops fighting a brewing rebellion. Back in Washington, rival factions within the spy agency clashed over budget and priorities, all while opposition forces inside Venezuela grappled with internal divisions. A messy tussle of espionage, politics, and power struggles. |
2024-10-31 Read more on Wired (www.wired.com) |
The Great Handover: As Elections Loom, Social Networks Abdicate Their Cyber Security Responsibility |
 It's been a torrid year for online freedoms, with Big Tech and government actions leading the charge. From social media censorship to net neutrality rollbacks and data retention policies, it feels like we're constantly walking on eggshells online. Not only are our personal details being hoovered up left and right, but seemingly arbitrary moderation decisions have left us wondering what exactly is allowed these days. Throw in some dodgy backdoors, a dash of AI-powered snooping, and we've got ourselves an internet that's less free than ever before. |
2024-10-31 Read more on Wired (www.wired.com) |
QNAP's Second Zero-Day Exploit at Pwn2Own Ireland 2024 Demonstrates Persistent Vulnerabilities in NAS Devices. |
 Taiwanese manufacturer QNAP has quickly patched a second zero-day vulnerability, tracked as CVE-2024-50387, following its demonstration at Pwn2Own Ireland 2024 by security researcher YingMuo. This vulnerability is a serious SQL injection (SQLi) issue that affects the SMB Service on QNAP devices. The rapid response from QNAP demonstrates their commitment to addressing security concerns and protecting users' data. |
2024-10-31 Read more on Security Affairs (securityaffairs.com) |
The Water Bears' Radiation Secret: Unlocking Human Resilience |
 Scientists have discovered a new species of microscopic 'water bear' capable of surviving blasts of ionising radiation. Tardigrades have long been known for their extreme tolerance to environmental stressors, but this latest discovery has the potential to revolutionise our understanding of radiation resistance. Researchers have sequenced the genetic code of the new tardigrade and are optimistic that it could hold the key to developing drugs capable of reversing radiation damage. |
NASA narrows down options for Artemis III lunar mission - new destinations on the moon's south pole |
 The US space agency NASA has published a list of nine possible places where its astronauts may touch down when they return to the moon next year.These locations are all near the lunar south pole, an area of extreme cold which is also thought to have ice at or just beneath the surface - something that's potentially valuable for future missions.The astronauts will be landing as part of Artemis III, a mission designed to test technologies needed for further human exploration of space. |
Microsoft Accuses Google of Hiding Behind 'Open Cloud Coalition' Front |
 Seemingly fed up with CISPE's restrictive licensing agreement, a new UK-based coalition of cloud service providers has taken aim at the association. The group, composed mostly of British companies, is pushing to break free from what it views as onerous regulations imposed by CISPE. Microsoft has even gone so far as to accuse Google of being behind this new rival lobbying effort – a claim Google has promptly denied. As tensions simmer between these industry heavyweights, one thing is clear: cloud licensing is about to get interesting in the UK. |
US Adds Chinese Chips, Quantum Computing, and Artificial Intelligence Companies to Investment Ban List |
 US Treasury Deploys New Rule Limiting Investments in Sensitive TechIn a bid to curb technology transfer to China's military, the US Treasury Department has imposed restrictions on American entities investing in sensitive Chinese tech sectors. The new regulation targets investments in semiconductors, microelectronics, quantum information technologies, and artificial intelligence.These measures aim to prevent unwitting support for the People's Liberation Army (PLA) amid concerns about the potential military applications of the listed technologies. |
AI's processor problems: Can CPUs keep up with the cost of cutting-edge intelligence? |
 It appears you want me to rewrite an article about the suitability of central processing units (CPUs) versus graphics processing units (GPUs) or other accelerators for training and running generative artificial intelligence (AI) models. Here's my version:At the end of the day, it all comes down to tokens per dollar, old chap.Most current GenAI models are trained and run on those fancy GPUs and whatnot, but that doesn't mean they have to be. In fact, several chipmakers reckon CPUs are more than adequate for many enterprise AI applications. |
US Army deploys AI 'Siren' to safeguard storerooms and warehouses. |
 US Army Developing AI Bot to Sniff Out Threats at One Mile Distance Without Hardware Upgrades The United States military has been working on an artificial intelligence system designed to detect potential threats up to one mile away using existing technology, according to a statement released by the Department of Defense.This ominous-sounding AI product can allegedly identify genuine security risks and avoid false alarms, helping reduce the workload for security personnel. |
Tech Titan Lays Bare AI Hype: Only 10% of AI Marketing Has Substance, Rest Just Hot Air |
 Linux kernel founder Linus Torvalds has spoken out about the hype surrounding Generative AI. He believes much of the promotional material from the industry lacks substance and will take several years to prove its worth in real-world applications. The lack of tangible use cases is causing skepticism within the tech community, with many questioning how long it will take for GenAI to show meaningful benefits in common workloads. |
A Super-AI Boom: Softbank's Billionaire Boss Predicts a Trillion Dollar Impact by 2035 |
 Masayoshi Son Predicts AI Revolution in Decade's TimeJapanese technology mogul Masayoshi Son warns of the impending arrival of a ten-thousand-fold increase in artificial intelligence, likening it to an 'artificial superintelligence' rivalling human brainpower. The development, likely within a decade, may well have profound implications for our lives as we know them.Son's prediction comes with a warning: it will not be cheap. |
US Army Must Abandon Tanks and Embrace Drone Revolution |
 In a surprise move, former Google CEO Eric Schmidt has weighed in on military hardware. He suggests that the US Army scrap its tanks in favour of unmanned aerial vehicles (UAVs) powered by artificial intelligence.Schmidt, now an advisor to AI research firm DeepMind, believes tanks are no longer a practical tool for modern warfare given advancements in drone technology. "We should take out our 2,500 tanks and replace them with 5,000 drones," he told attendees at the Aspen Security Forum in Colorado last week.The former tech boss has previously expressed concerns about AI's role in warfare, but this marks one of his most direct calls to action on military hardware. |
Apple Tackles Slow AI-PC Performance with Lightning-Fast M4 Chips |
 A busy week indeed for Cupertino's tech titans. Apple has been making waves with a slew of announcements. The diminutive Mac mini has shrunk down to size, while lappies have seen updates. And, in a bold move, Apple has unveiled new System on Chips (SoCs). The arrival of its M4 silicon brings AI PCs into sharp focus, with the company boasting that no rival silicon can match its capabilities. It seems Cupertino is making waves and reasserting its dominance in the tech world. |
Microsoft’s Big Decision: Ditching AI Training Workloads for Lucrative Inferencing - The Cloud Wars Intensify |
 Azure's growth shows no signs of slowing down, with Microsoft racking up significant spending on new data centres. However, this comes at a price: the company is now refusing custom orders from businesses looking for GPU rentals to support their own artificial intelligence projects. This move may help keep costs under control but could alienate potential clients in an increasingly competitive market. |
A Blast from the Past: Unpacking the Evolution of WIRED's Online Pioneering |
 The dawn of HotWired marked a new era for online users everywhere. The introduction of hyperlinks allowed us to navigate through the web seamlessly, while verticals created a platform for specific content to thrive. Banner ads and cookies provided revenue streams for websites. Three decades on, the world has moved on from those early days, but many are left grappling with the legacy of HotWired - a complex issue of balancing user privacy and online advertising. |
2024-10-29 Read more on Wired (www.wired.com) |
Social Media Fears Fuelled by Election Fraud Hype |
 The poisonous mix of pro-Trump groups, tech giants' laxity and foreign meddling has poisoned the internet. Years of carefully crafted disinformation campaigns have sown discord and fuelled election denialism, threatening democratic processes and civil discourse. Big Tech's hesitance to intervene has given a free rein to these malicious actors, allowing toxic propaganda to spread like wildfire. This pernicious cocktail imperils democracy as we know it, and only concerted action can counter its insidious effects. |
2024-10-29 Read more on Wired (www.wired.com) |
Black Friday Bonanza: Unveiling Walmart's Sizzling Offers this November 2024 |
 Savvy shoppers rejoice! Thousands of must-have items are now up to 65 per cent cheaper thanks to a plethora of fantastic deals on everything from gizmos and gadgets to foodstuffs and fashionable finds. With the latest batch of handpicked offers, there's never been a better time to bag a bargain. Whether you're in search of a cutting-edge electronic device or simply looking to stock up on essentials, this flash sale has something for everyone. |
2024-10-30 Read more on Wired (www.wired.com) |
A Forgotten Foothold in the Jungle Unveiled: Archaeologists' Daring Discovery of a Hidden Mayan Metropolis |
 Lost Mayan City Found Using Laser Mapping TechIn a groundbreaking archaeological discovery, a previously unknown Mayan city has been unearthed using cutting-edge laser technology. The ancient settlement, known as Valeriana, is thought to date back to before AD 150 and boasts impressive structures such as pyramids and plazas.The use of advanced mapping techniques allowed the researchers to uncover Valeriana's hidden ruins, which had remained concealed beneath dense jungle foliage for centuries. This remarkable find provides valuable insights into Mayan culture and architecture during an earlier period than previously known. |
2024-10-30 Read more on Wired (www.wired.com) |
Apple MacBook Pro (M4 2024) - The High-Performance Laptop That'll Set Your Wallet Ablaze |
 The newest crop of MacBooks features some of the most potent processors Apple has ever designed, namely the M4 Pro and M4 Max chips. These high-performance processors promise to deliver faster speeds and more efficient power consumption than their predecessors. As a result, users can expect enhanced performance in demanding tasks such as video editing, 3D modeling, and other resource-intensive applications. The improved power efficiency also translates to longer battery life, making these laptops suitable for extended use on the go. Overall, these powerful processors place these new MacBooks at the forefront of laptop technology, setting a new benchmark for speed and performance. |
2024-10-30 Read more on Wired (www.wired.com) |
Europe's Goliaths Gear Up for New Battle: The Post-US Election Landscape Beckons |
 The future of European efforts to curb the dominance of American technology giants hangs precariously in the balance as the region prepares for elections that will decide whether or not to push through antitrust reforms. At the forefront of these regulatory battles is Lina Khan, a fierce advocate of stricter competition law and her influence on the outcome of the upcoming election could shape the course of tech regulations in Europe for years to come. |
2024-10-30 Read more on Wired (www.wired.com) |
The Creepy Concoctions to Cast a Spell on Your Smart Home This Halloween |
 Spice up your spooky soiree with frightful frills and thrills galore. Tech-driven terror is the new trend for a hauntingly good time. Add some eerie ambiance with soundscapes of creaking doors, howling winds and otherworldly whispers to send shivers down guests' spines. LED lights flickering like jack-o-lanterns or strobing red lights to mimic a haunted house's ominous glow will surely make your ghoulish gathering unforgettably terrifying. |
2024-10-30 Read more on Wired (www.wired.com) |
New Directions in Protecting Petroleum - The TSA Tightens Up on Oil and Gas Industry Cybersecurity |
 In recent years, the US has been fretting over the security of its critical infrastructure, particularly in the oil and gas sector, due to its starring role in the nation's economy and energy supply. To address this concern, the Transportation Security Administration (TSA) annually rolls out new directives in July to beef up the security and resilience of vital energy infrastructure against cyber-attacks and physical disruptions. |
2024-10-29 Read more on Tripwire (www.tripwire.com) |
Russian hackers target Ukraine's military with new wave of malware attacks |
 A suspected Russian espionage group, known as UNC5812, is thought to be behind a spate of cyber attacks targeting Ukraine's military forces using malware distributed via the popular messaging app Telegram. The attackers utilised both Windows and Android malware variants through the 'Civil Defense' channel, which was set up on September 10 last year with around 189 subscribers at that time. Google TAG and security firm Mandiant have identified the group, although further details regarding their motives are currently unclear. |
2024-10-29 Read more on Security Affairs (securityaffairs.com) |
Fog, Akira Ransomware Attacks Exploit Critical SonicWall Vulnerability CVE-2024-40766 |
 Fog and Akira ransomware attackers are exploiting a critical vulnerability in SonicWall's VPN software (CVE-2024-40766) to breach enterprise networks. This flaw, classified as an improper access control issue with a CVSS v3 severity score of 9.3, allows unauthenticated SSL VPN access. SonicWall patched the issue back in August, but organisations that have yet to update their systems are at risk of being compromised by these malicious actors. |
2024-10-29 Read more on Security Affairs (securityaffairs.com) |
Beware: Latest Android Malware Siphons Off Your Hard-Earned Cash |
 New strain of Android malware, dubbed FakeCall, has been spotted by Zimperium researchers. This malicious software intercepts outgoing calls from Android devices, redirecting them to a designated attackers' phone number. Once in control, the hackers can then siphon sensitive information and bank funds from unsuspecting victims. The latest version of this pernicious malware is a reminder to users to remain vigilant when using mobile banking services on their smartphones. |
2024-10-31 Read more on Security Affairs (securityaffairs.com) |
Title: Charting the Path to Compliance Success with Intruder's Expert Guidance |
 Navigating the labyrinthine world of compliance frameworks can be a daunting task, but fear not, for Intruder is here to simplify the process by tackling the key vulnerability management criteria demanded by ISO 27001, SOC 2 and GDPR. To keep customer data safe, read on to understand how each framework requires you to address security best practices and ensure your business is in line with regulatory requirements. |
2024-10-30 Read more on The Hackers News (thehackernews.com) |
A Sneaky Snake in Our Midst: Cyber Sleuths Expose Trojanized Python Packages Prying on Cryptocurrency Wallets |
 British cyber security experts have identified a sly new threat lurking in the coding world, dubbed 'CryptoAITools'. This devious package poses as an innocent cryptocurrency trading tool but harbours some rather dodgy functionality, designed to pilfer sensitive data and drain victims' digital wallets. A whopping 1,300+ downloads later, this menace has been spotted on both the reputable Python Package Index and fake GitHub repositories - a stark reminder of how easily malicious code can slip under our radar in today's digital age. |
2024-10-30 Read more on The Hackers News (thehackernews.com) |
Malicious Ads on Facebook: New Threat Spreading Stealthy Stealer Malware |
 Cybersecurity boffins at Bitdefender have sniffed out an ongoing scam where hackers are using Meta's advertising platform and hijacking Facebook accounts to spread dodgy code called SYS01stealer, which siphons off sensitive info from users' PCs. The scammers are cleverly piggybacking on the reputations of well-known brands to reach a wider audience, making it trickier for users to spot their nefarious activities. |
2024-10-30 Read more on The Hackers News (thehackernews.com) |
Admins must leap to it - a critical open-source vulnerability has been discovered. |
 Spring Framework Vulnerability Alert: Patch Up Now!Java developers take note - a serious security flaw in the omnipresent Spring framework demands your urgent attention. The latest vulnerability, classified as high-risk, affects applications built using this widely-used development tool.While the Spring ecosystem remains incredibly popular among Java programmers, its extensive use also brings inherent risks when vulnerabilities like this arise. It's therefore crucial to ensure your application is updated to the latest version to prevent potential attacks.Don't wait - take immediate action and patch up your Spring framework today to safeguard your application against this critical issue. |
Chinese hackers gain access to Canada's government networks, leaving officials scrambling after discovering breach that went undetected for a staggering five-year period. |
 India has been identified as a new and serious threat to global cybersecurity, according to a report published by Canada's top intelligence agency. The Communications Security Establishment (CSE) lists the country among the biggest sources of cyber attacks against governments worldwide - and it's not just any old hackers, either; state-backed actors have allegedly been stealing valuable information from government networks for five whole years. |