Google is rolling out a red team charged with testing the security of AI systems by running simulated but realistic attacks to uncover vulnerabilities or other weaknesses that could be exploited by cybercriminals.

The post Google Launches Red Team to Secure AI Systems Against Attacks appeared first on Security Boulevard.

Storm-0558 Breaks: Satya and Pooh, sitting in a tree, K.I.S.S.I.N.G.

The post ‘China’ Azure Breach: MUCH Worse Than Microsoft Said appeared first on Security Boulevard.

The post Microsoft Lost Its Keys, Voice Cloning Scams, The Biden-Harris Cybersecurity Labeling Program appeared first on Shared Security Podcast.

The post Microsoft Lost Its Keys, Voice Cloning Scams, The Biden-Harris Cybersecurity Labeling Program appeared first on Security Boulevard.

The Lazarus Group is behind a social engineering campaign that uses repository invitations and malicious npm packages to target developers on GitHub.

The post GitHub Developers Targeted by North Korea’s Lazarus Group appeared first on Security Boulevard.

Two banks earlier this year were the targets of open source supply chain attacks, the first of their kind in the industry.

The post Software Supply Chain Attackers Targeting Banks, Checkmarx Says appeared first on Security Boulevard.

Kevin is Free: Hackers’ hacker dies, aged 59.

The post R.I.P. Kevin Mitnick, 1963–2023 appeared first on Security Boulevard.

As cleantech becomes a bigger part of U.S. critical infrastructure, it faces a bigger risk from cyberattackers leveraging quantum attacks.

The post Cleantech and Quantum Computing: Critical Infrastructure Cybersecurity appeared first on Security Boulevard.

The post Top Threatening Network Vulnerability in 2023 appeared first on Kratikal Blogs.

The post Top Threatening Network Vulnerability in 2023 appeared first on Security Boulevard.

A new peer-to-peer (P2P) worm, P2PInfect, is spreading across instances of the Redis open source database software in the cloud.

The post New P2P Worm Puts Windows and Linux Redis Servers in its Sights appeared first on Security Boulevard.

FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware     

According to the Symantec Threat Hunter Team, the financially motivated threat actor known as FIN8 has been observed using an updated version of a malware called Sardonic to deliver the BlackCat ransomware. The update on the Sardonic malware is an attempt on the part of the e-crime group to diversify its focus and maximize profits from infected entities. [1] 

The C++ based Sardonic backdoor has the ability to harvest system information and execute commands, and has a plugin system designed to load and execute additional malware payloads delivered as DLLs. Unlike the previous variant of Sardonic, which was designed in C++, the latest iteration packs in significant alterations, with most of the source code rewritten in C and modified so as to deliberately avoid similarities. 

In the latest incident analyzed by Symantec, Sardonic malware is embedded into a PowerShell script that was deployed into the targeted system after obtaining initial access. The script is designed to launch a .NET loader, which then decrypts and executes an injector module to ultimately run the implant. Successful infection leads to the deployment of BlackCat ransomware.    

The post FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware appeared first on Security Boulevard.