Sun.Apr 25, 2021

article thumbnail

Cryptomining Campaign Leverages MS Exchange Server Flaw

Data Breach Today

Cybereason Says Russian Hacking Group Prometei is Behind the Campaign A Russian botnet group called Prometei is exploiting critical Microsoft Exchange Server vulnerabilities to mine cryptocurrency from various organizations across the world, a new report by security firm Cybereason finds. The group appears to be financially-motivated.

Mining 301
article thumbnail

Hackers are targeting Soliton FileZen file-sharing servers

Security Affairs

Threat actors are exploiting two flaws in the popular file-sharing server FileZen to steal sensitive data from businesses and government organizations. Threat actors are exploiting two vulnerabilities in the popular file-sharing server FileZen , tracked as CVE-2020-5639 and CVE-2021-20655 , to steal sensitive data from businesses and government organizations.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Facebook Disrupts Palestinian APT Activities

Data Breach Today

Social Media Giant says 2 Groups Were Conducting Cyberespionage Facebook says it disrupted two Palestinian advanced persistent threat groups that targeted victims across the Middle East as part of cyber espionage campaigns. The groups used malware and advanced social engineering tactics to target journalists, human rights activists and military groups.

Military 284
article thumbnail

10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely

Security Affairs

10,000+ unpatched ABUS Secvest home alarm systems could be remotely disabled exposing customers to intrusions and thefts. Researchers from Eye Security have found thousands of unpatched ABUS Secvest home alarm systems exposed online despite the vendor has addressed a critical bug (CVE-2020-28973) in January. A remote attacker could exploit the vulnerability to disable alarm systems and expose homes and corporate buildings to intrusions. “The ABUS Secvest wireless alarm system FUAA50000

Passwords 110
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

VPN Hacks Are a Slow-Motion Disaster

WIRED Threat Level

Recent spying attacks against Pulse Secure VPN are just the latest example of a long-simmering cybersecurity meltdown.

article thumbnail

Security Affairs newsletter Round 311

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A member of the FIN7 group was sentenced to 10 years in prison Is BazarLoader malware linked to Trickbot operators? Monero Cryptocurrency campaign exploits ProxyLogon flaws Codecov was a victim of a supply chain attack Crooks made more than $560K with a simple clipboard hijacker Experts demonstrated how to hack a utility and take over a smart m