Cybersecurity
OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups
OpenAI’s latest “Disrupting Malicious Uses of AI” report shows that hackers and influence operators are moving toward a more organised use of artificial intelligence (AI). The findings reveal that adversaries are spreading their operations across multiple AI systems, for instance, using ChatGPT for reconnaissance and planning, while relying on other models for execution and automation….
How to get better results from bug bounty programs without wasting money – Help Net Security
The wrong bug bounty strategy can flood your team with low-value reports. The right one can surface critical vulnerabilities that would otherwise slip through. A new academic study based on Google’s Vulnerability Rewards Program (VRP) offers rare data on how to tell the difference. The team behind the study included experts from Harvard, Bocconi University,…
The Y2K38 Bug Is a Vulnerability, Not Just a Date Problem, Researchers Warn
Time Manipulation Allows Hackers to Trigger Y2K38 Bug Today Widely known time-related software bugs that could cause significant disruptions when triggered in more than a decade are actually exploitable by hackers today, researchers warn. One of the bugs, known as ‘The Year 2038 problem’ and Y2K38, could cause computers to malfunction on January 19, 2038….
GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes
ESET researchers have identified a new threat actor, whom we have named GhostRedirector, that compromised at least 65 Windows servers mainly in Brazil, Thailand, and Vietnam. GhostRedirector used two previously undocumented, custom tools: a passive C++ backdoor that we named Rungan, and a malicious Internet Information Services (IIS) module that we named Gamshen. While Rungan…
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
A threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has…
Neue Phishing-Variante greift Gmail-Nutzer an
srcset=” 7008w, 300w, 768w, 1024w, 1536w, 2048w, 1240w, 150w, 854w, 640w, 444w” width=”1024″ height=”576″ sizes=”auto, (max-width: 1024px) 100vw, 1024px”>Hacker haben gefälschte PDF-Dateien an Gmail-Nutzer verschickt, die täuschend echt wirken. Prae_Studio – shutterstock.com Forscher des Sicherheitsunternehmens Varonis haben eine raffinierte Phishing-Methode entdeckt, die auf Gmail-Nutzer zielt. Dabei kommt eine Malware zum Einsatz, die sich nicht nur…
News brief: Cybersecurity weakened by government shutdown | TechTarget
The U.S. government shut down at 12:01 ET on Wednesday after Congress failed to reach a funding deal. Hundreds of thousands of employees across multiple federal programs have been affected — and the effects will ripple across the cybersecurity industry. Since the current administration took office in January, cybersecurity agencies have been under the…
Small Businesses and Ransomware: Navigating the AI Era Threat
Ransomware has evolved from a niche hacker tactic into a mainstream threat, and small businesses are increasingly in the crosshairs. While large enterprises have resources to invest in cybersecurity teams, threat intelligence, and AI-driven defence tools, many small businesses remain underprotected. In 2025, ransomware attacks will become faster, more automated, and more sophisticated thanks to…
4 ways to use time to level up your security monitoring – Help Net Security
SIEMs excel at correlating events and firing alerts, but their ingest pipelines can get overwhelmed when scaled. And because most SIEMs rely on general-purpose log storage platforms, even with lower-cost archive tiers, long-term retention at full fidelity remains expensive, forcing teams to choose between visibility and budget. With AI making the threat landscape more complex…
Are cybercriminals hacking your systems – or just logging in?
As bad actors often simply waltz through companies’ digital front doors with a key, here’s how to keep your own door locked tight 11 Sep 2025 • , 5 min. read Why break a door down and set the house alarm off when you have a key and a code to walk in silently? This…