Merck & Co.’s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Peter Halprin. The settlement will resolve an ongoing legal dispute […]
The latest World Economic Forum Global Risks Report 2024 highlighted the rising tide of cyber threats and places misinformation and disinformation as the most severe risk globally. It also warned of low-cost crime havens and issues surrounding concentrated AI power in few hands. Misinformation and Undermining Truth Misinformation and disinformation have emerged as the most […]
The breach occurred when a threat actor impersonated Framework’s CEO and tricked an accountant into sharing a spreadsheet containing customer data, including names, email addresses, and outstanding balances.
Jan 12, 2024NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the attacker’s use of packers and rootkits to conceal the malware,” Aqua security researchers Nitzan Yaakov and Assaf Morag said in […]
This month’s best new modules include TipTop’s latest Buchla reissue, a unique quad envelope from Eowave and serious audio seasoning from Frap Tools. Buchla & TipTop Audio Model 296t TipTop Audio’s officially licensed Buchla modules have been some of our favourites over the last year. Bringing the iconic Buchla modules to a more accessible, Eurorack-compatible […]
Jan 11, 2024NewsroomVulnerability / Cyber Attack Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software […]
Governance & Risk Management , IT Risk Management Cyber Regulation Requires EU Agencies to Assess Risks and Report Incidents Akshaya Asokan (asokan_akshaya) • January 10, 2024 The European Union adopted a regulation intended to strengthen institutional cybersecurity. (Image: Shutterstock) The European Union adopted a regulation on mandatory cyber hygiene intended to beef up […]
The first vulnerability enables an attacker to reset the API key and access sensitive log information, while the second vulnerability allows for arbitrary script injection into affected web pages.
A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new method, called Baldur, leverages the artificial intelligence power of LLMs, and, when combined with the […]