A federal report published today found that Tesla’s Autopilot system was involved in at least 13 fatal crashes in which drivers misused the system in ways the automaker should have foreseen—and done more to prevent. Not only that, but the report called out Tesla as an “industry outlier” because its driver assistance features lacked some […]
An unidentified attacker hacked a Czech news service’s website and published a fake story on Tuesday claiming that an assassination attempt had been made against the newly elected Slovak president, Peter Pellegrini. According to the government-owned public service Czech News Agency (CTK), the attacker posted the false article directly to its website, meaning the story […]
As the company also explains in a public security advisory published on Friday, this zero-day bug enables unauthenticated attackers to escape the user’s virtual file system (VFS) and download system files.
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the “OWASP Top 10 For Large Language Models,” reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be […]
A leading UK security agency has today published a new guide for small and medium-sized businesses (SMBs) designed to help reduce the potential impact of cyber-attacks when using online services. The National Cyber Security Centre (NCSC) said its Using online services safely guide is specifically aimed at organizations that may not have access to dedicated […]
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3. A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a […]
Published On : 2023-12-15 EXECUTIVE SUMMARY At CYFIRMA, our mission is to empower you with the latest insights into the dynamic landscape of cybersecurity threats, addressing risks that impact both organizations and individuals. This report details a sophisticated cyber threat involving a malicious Word file with an embedded macro that, upon opening, prompts victims to […]
Dec 15, 2023NewsroomCryptocurrency / Malware Crypto hardware wallet maker Ledger published a new version of its “@ledgerhq/connect-kit” npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company […]
The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, strategy […]