Google Gemini bugs enable prompt leaks, injection via Workspace plugin

Laura FrenchMarch 12, 2024

Files containing malicious prompts could be used to manipulate interactions, researchers say.

Navigating the identity security minefield

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Cyber security concept. Toy horse on a digital screen, symbolizes the attack of the Trojan virus. 3D illustration.

Cloud Security

Phishing campaign leverages AWS and GitHub to launch RATs

Steve ZurierMarch 12, 2024

Attackers continue to leverage popular AWS cloud and GitHub developer services as a way to “live-off-the-land” and launch malware.

Computer repair concept. Hardware or software error.

Network Security

BianLian ransomware crew exploiting bugs in JetBrains’ TeamCity platform

Simon HenderyMarch 12, 2024

Known for its adaptability, the threat group is once again taking advantage of recent vulnerabilities organizations may not have patched yet.

IT technician or engineer connects a gigabit network cable into switch in datacenter

Network Security

QNAP fixes three bugs on NAS devices, one critical authentication flaw

Steve ZurierMarch 11, 2024

The critical flaw is an authentication bug could let users compromise the security of the system.

The Cybersecurity and Infrastructure Security Agency (CISA) emblem is seen at its headquarters in Arlington, Va.

Vulnerability Management

CISA breached by hackers exploiting Ivanti bugs

Simon HenderyMarch 11, 2024

Magnet Goblin, a newly identified cyber gang, is the latest threat group discovered abusing the Ivanti flaws.

Microsoft's booth at the Mobile World Congress.

Vulnerability Management

Microsoft says Russia-backed Midnight Blizzard accessed its source code

Steve ZurierMarch 8, 2024

Security pros say targeting source code will continue because it lets attackers identify new bugs and inject their own malware into the software supply chain.

Ransomware

Change Healthcare hacker may be linked to China espionage gangs

Simon HenderyMarch 8, 2024

Researchers unearthed a possible connection between nation-state groups and the ALPHV/BlackCat affiliate responsible for the highly disruptive attack.

Network Security

JetBrains TeamCity critical flaw exploited; 1.4k servers compromised

Laura FrenchMarch 7, 2024

Attackers are creating hundreds of admin accounts, with a high potential for supply chain attacks.

Network Security

VMware patches critical, important bugs in ESXi, Workstation and Fusion

Steve ZurierMarch 7, 2024

Security pros say given the installed base of VMware products many companies have, it makes sense to apply the updates right away.

Google Gemini bugs enable prompt leaks, injection via Workspace plugin

Navigating the identity security minefield

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

Change Healthcare attack calls for health sector to take on a more proactive security stance

Six ways to protect an organization from commercial spyware

The rise of cyberattacks on financial institutions highlights the need to build a security culture

How teams can make use of the White House report on secure and measurable software

There’s nothing new about the battle for identity in cyberspace

In Brief

UnitedHealth sought to ease cashflow challenges after Change Healthcare attack

Many systems remain vulnerable to critical Fortinet FortiOS bug

New Dropbox phishing attacks target SaaS credentials

Brazil subjected to novel CHAVECLOAK trojan attacks

‘Unprecedented’ cyberattacks hit French government agencies

More Resources

Threat intelligence platform essentials: Integration and real-time data analysis

How active adversaries target your business

Are users ready to go passwordless? Why it’s better to move slowly

Getting zero-trust initiatives off the ground

Can AI rescue zero trust?

Phishing campaign leverages AWS and GitHub to launch RATs

BianLian ransomware crew exploiting bugs in JetBrains’ TeamCity platform

QNAP fixes three bugs on NAS devices, one critical authentication flaw

CISA breached by hackers exploiting Ivanti bugs

Microsoft says Russia-backed Midnight Blizzard accessed its source code

Change Healthcare hacker may be linked to China espionage gangs

JetBrains TeamCity critical flaw exploited; 1.4k servers compromised

VMware patches critical, important bugs in ESXi, Workstation and Fusion

EVENTS

Top Ten ATT&CK Techniques: The Rise of ‘Hunter-Killer’ Malware

Zero trust, untangled: A manager’s guide

How CISOs Manage Supply Chain Risk

Identity: Finding the balance between security and user experience

A CISO’s Guide to Effective Operational Technology (OT) Security Practices

Cybersecurity News, Awards, Webinars, eSummits, Research

Google Gemini bugs enable prompt leaks, injection via Workspace plugin

Navigating the identity security minefield

PODCASTS

RESOURCES

FEATURED

Congratulations to our 2023 SC Media Women in IT Security honorees

Get daily email updates

Perspectives

Change Healthcare attack calls for health sector to take on a more proactive security stance

Six ways to protect an organization from commercial spyware

The rise of cyberattacks on financial institutions highlights the need to build a security culture

How teams can make use of the White House report on secure and measurable software

There’s nothing new about the battle for identity in cyberspace

In Brief

UnitedHealth sought to ease cashflow challenges after Change Healthcare attack

Many systems remain vulnerable to critical Fortinet FortiOS bug

New Dropbox phishing attacks target SaaS credentials

Brazil subjected to novel CHAVECLOAK trojan attacks

‘Unprecedented’ cyberattacks hit French government agencies

More Resources

Threat intelligence platform essentials: Integration and real-time data analysis

How active adversaries target your business

Are users ready to go passwordless? Why it’s better to move slowly

Getting zero-trust initiatives off the ground

Can AI rescue zero trust?

Phishing campaign leverages AWS and GitHub to launch RATs

BianLian ransomware crew exploiting bugs in JetBrains’ TeamCity platform

QNAP fixes three bugs on NAS devices, one critical authentication flaw

CISA breached by hackers exploiting Ivanti bugs

Microsoft says Russia-backed Midnight Blizzard accessed its source code

Change Healthcare hacker may be linked to China espionage gangs

JetBrains TeamCity critical flaw exploited; 1.4k servers compromised

VMware patches critical, important bugs in ESXi, Workstation and Fusion

EVENTS

Top Ten ATT&CK Techniques: The Rise of ‘Hunter-Killer’ Malware

Zero trust, untangled: A manager’s guide

How CISOs Manage Supply Chain Risk

Identity: Finding the balance between security and user experience

A CISO’s Guide to Effective Operational Technology (OT) Security Practices