Tag: data exfiltration

Source URL: https://cloud.google.com/blog/products/identity-security/5-ways-google-cloud-can-help-you-minimize-credential-theft-risk/ Source: Cloud Blog Title: 5 ways Google Cloud can help you minimize credential theft risk Feedly Summary: Threat actors who target cloud environments are increasingly focusing on exploiting compromised cloud identities. A compromise of human or non-human identities can lead to increased risks, including cloud resource abuse and sensitive data exfiltration. These…

The Register: Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP

Feb 3, 2025

—

by

Source URL: https://www.theregister.com/2025/02/03/backdoored_contec_patient_monitors_leak_data/ Source: The Register Title: Medical monitoring machines spotted stealing patient data, users warned to pull the plug ASAP Feedly Summary: PLUS: MGM settles breach suits; AWS doesn’t trust you with security defaults; A new .NET backdoor; and more Infosec in brief The United States Food and Drug Administration has told medical facilities…

Unit 42: Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek

Jan 30, 2025

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=138180 Source: Unit 42 Title: Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek Feedly Summary: Evaluation of three jailbreaking techniques on DeepSeek shows risks of generating prohibited content. The post Recent Jailbreaks Demonstrate Emerging Threat to DeepSeek appeared first on Unit 42. AI Summary and Description: Yes Summary: The text outlines the research conducted…

Cloud Blog: Cloud CISO Perspectives: How cloud security can adapt to today’s ransomware threats

Jan 30, 2025

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-cloud-security-can-adapt-ransomware-threats/ Source: Cloud Blog Title: Cloud CISO Perspectives: How cloud security can adapt to today’s ransomware threats Feedly Summary: Welcome to the second Cloud CISO Perspectives for January 2025. Iain Mulholland, senior director, Security Engineering, shares insights on the state of ransomware in the cloud from our new Threat Horizons Report. The research…

The Register: Lazarus Group cloned open source projects to plant backdoors, steal credentials

—

by

Source URL: https://www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/ Source: The Register Title: Lazarus Group cloned open source projects to plant backdoors, steal credentials Feedly Summary: Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea’s Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing…

Unit 42: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=138128 Source: Unit 42 Title: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia Feedly Summary: A Chinese-linked espionage campaign targeted entities in South Asia using rare techniques like DNS exfiltration, with the aim to steal sensitive data. The post CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia appeared first…

Cloud Blog: Adversarial Misuse of Generative AI

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai/ Source: Cloud Blog Title: Adversarial Misuse of Generative AI Feedly Summary: Rapid advancements in artificial intelligence (AI) are unlocking new possibilities for the way we work and accelerating innovation in science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language…

Hacker News: Microsoft Probing If DeepSeek-Linked Group Improperly Obtained OpenAI Data

—

by

Source URL: https://www.bloomberg.com/news/articles/2025-01-29/microsoft-probing-if-deepseek-linked-group-improperly-obtained-openai-data Source: Hacker News Title: Microsoft Probing If DeepSeek-Linked Group Improperly Obtained OpenAI Data Feedly Summary: Comments AI Summary and Description: Yes Summary: Microsoft and OpenAI are reportedly investigating a potential data exfiltration incident involving their technology linked to a Chinese AI startup, DeepSeek. This raises critical concerns about security and integrity in…

Bulletins: Vulnerability Summary for the Week of December 16, 2024

Jan 27, 2025

—

by