New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

Cybersecurity researchers have found that it's possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.
"It's possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository on the platform, as well as hijack any models that are submitted

https://thehackernews.com/2024/02/new-hu...poses.html

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29.
The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to be affiliated with the Foreign Intelligence Service (SVR) of the

https://thehackernews.com/2024/02/five-e...pt29s.html

From Alert to Action: How to Speed Up Your SOC Investigations

Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional's role. Threat intelligence platforms can significantly enhance their ability to do so. Let's find out what these platforms are and how they can empower analysts.
The Challenge: Alert Overload
The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.

https://thehackernews.com/2024/02/from-a...ed-up.html

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it easily accessible to other actors at no extra cost.
Written in C# and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a "comprehensive set of features for remote system management," according to its developer, who goes by the name

https://thehackernews.com/2024/02/open-s...es-as.html

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges.
Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.
"This plugin suffers from unauthenticated site-wide stored [cross-site scripting] vulnerability and could allow any unauthenticated user

https://thehackernews.com/2024/02/wordpr...lugin.html

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember.
The botnet, named MooBot, is said to have been used by a Russia-linked threat actor known as

https://thehackernews.com/2024/02/cybers...quiti.html

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer.
Cisco Talos, which discovered the activity, described the authors as skilled and that the "threat actor has previously used similar tactics, techniques and procedures (TTPs) to distribute a banking trojan known

https://thehackernews.com/2024/02/timbre...a-tax.html

Superusers Need Super Protection: How to Bridge Privileged Access Management and Ide

Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There’s a company aiming to fix the gap between traditional PAM and IdM

https://thehackernews.com/2024/02/superu...ow-to.html

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP).
Join us for a transformative webinar where we unveil Twilio Segment's state-of-the-art CDP.

https://thehackernews.com/2024/02/buildi...liant.html

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month.
"Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory.
"This is likely in response to the ALPHV/BlackCat administrator's

https://thehackernews.com/2024/02/fbi-wa...or-of.html