LLMs can be manipulated to generate harmful outputs through malicious prompts, posing risks to enterprises. To counter these attacks, companies must focus on the design, development, deployment, and operation of their AI systems.
A sophisticated trio of Chinese cyberespionage groups known as Cluster Alpha, Cluster Bravo, and Cluster Charlie are behind the Crimson Palace espionage campaign targeting government organizations in Southeast Asia.
The DHS Cyber Safety Review Board, led by Homeland Security officials, is preparing to announce its next investigation soon, as hinted by DHS undersecretary Rob Silvers. Silvers mentioned criteria for incident review but did not reveal details.
. The ImageMagick vulnerability (CVE-2016-3714) could allow remote code execution through crafted images. Linux Kernel flaw (CVE-2017-1000253) enables privilege escalation for unpatched systems.
CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both the firms have released advisories with mitigation measures.
Poland has dismantled a cyber sabotage group with links to Russia and Belarus. The group attempted to disrupt the country through cyberattacks, extorting information from local government agencies and state companies related to security matters.
Known as Konni, the threat actor uses similar tactics in both countries since at least 2021, targeting entities like the Russian Ministry of Foreign Affairs, the Russian Embassy in Indonesia, and South Korean businesses, including a tax law firm.
Researchers have warned of the resurgence of Predator spyware, previously thought to be inactive due to sanctions and exposure, thanks to new infrastructure and evasive tactics.
Chinese APT group Stately Taurus exploited Visual Studio Code to target government entities in Southeast Asia for cyberespionage. They utilized the software’s reverse shell feature to infiltrate networks, a technique first detected in 2023.
TIDrone, linked to Chinese-speaking groups, deploys advanced malware through ERP software or remote desktop tools. Trend Micro identified the threat actor as actively pursuing military and satellite industrial supply chains in Taiwan.