SecurityWeek

GenAI users are uploading data to over eight apps every month – what are the security and privacy concerns?

Acuvity emerged from stealth with $9 million seed funding to provide solutions for enterprises to safely adopt GenAI.

Cisco has released patches for multiple vulnerabilities, including two critical-severity flaws in Smart Licensing Utility.

Franklin Ifeanyichukwu Okwonna and Ebuka Raphael Umeti were sentenced to prison in the US for business email compromise (BEC) fraud.

Microchip Technology says employee contact information and other types of data was stolen in an August ransomware attack.

An AI model trained on 10 to the 26th floating-point operations per second must now be reported to the U.S. government and could soon trigger even stricter requirements in California.

Two DrayTek vulnerabilities added by CISA to its KEV catalog have been exploited by multiple threat groups to steal data from organizations worldwide.

The US has cracked down on an influence operation sponsored by the Russian government, announcing charges, sanctions and domain seizures.

Microsoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS).

The FBI warns of North Korean threat actors conducting social engineering campaigns targeting employees in the cryptocurrency industry.

YubiKey security keys can be cloned via a side-channel attack that leverages a vulnerability in a cryptographic library.

Zyxel has released patches for multiple vulnerabilities in its networking devices, including a critical flaw impacting access points and security routers.

The White House has released a roadmap for addressing internet routing (BGP) security issues, mainly through RPKI adoption.

D-Link warns of multiple remote code execution vulnerabilities impacting its discontinued DIR-846 router model.

Google has released Android security updates to patch an exploited local privilege escalation vulnerability.

The US oil giant updated an SEC filing to confirm malicious hackers “accessed and exfiltrated information” from its corporate systems.

VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.

CSOs Jaya Baloo and Jonathan Trull discuss the route, role, and requirements in becoming and being a successful CISO.

Dutch agency said a database with billions of photos of faces amounted to serious violations of GDPR.

The FTC complaint alleges that Verkada’s failures allowed a hacker to access customers’ security cameras.