Alert
-
Blog
DevSecOps teams are ramping up the use of AI tools, but they’ve got serious concerns — AI-generated code is causing major security headaches, rampant ‘alert fatigue’, and is slowing down development processes
While a plethora of organizations globally are now using AI in their software development processes, DevSecOps teams are worried about the growing array of security risks, new research shows. In a recent survey by Black Duck Software, nine-in-ten developers reported using AI coding tools in their daily workflow and highlighted the marked benefits of integrating AI within the development lifecycle.…
Read More » -
Blog
The NCSC and FBI just issued a major alert over a state-backed hacker group – here’s what you need to know
The National Cyber Security Centre (NCSC) has warned that Iran-linked hackers are using social engineering to target government officials, lobbyists, and others. In a joint advisory with the FBI, the NCSC said hackers working for Iran’s Revolutionary Guard Corps (IRGC) are carrying out spear phishing attacks against people with links to Iranian and Middle Eastern affairs. They’ve been impersonating victims’…
Read More » -
Blog
CISA issues alert over two high-severity DrayTek vulnerabilities – here’s what you need to know
CISA has added three security flaws to its known exploited vulnerabilities (KEV) catalog, including two affecting DrayTek’s network equipment management software, VigorConnect. The third vulnerability added to the catalog affects Kingsoft’s popular WPS Office productivity suite. All three vulnerabilities were described as path traversal flaws, that allow attackers to read sensitive files they should not be able to access. The…
Read More » -
Blog
Alert issued for ‘Voldemort’ malware as dozens of organizations hit
Security experts have issued an alert over the ‘Voldemort’ malware campaign that’s hit more than 70 organizations globally. Uncovered by researchers at Proofpoint, the malware has mainly been used to attack insurance companies, which account for a quarter of victims, with other heavily-targeted sectors including aerospace, transport, and universities. In all, 18 different verticals were targeted. The malicious activity was…
Read More »