Systems

  • Blog
    digitpatrox1 week ago
    30

    Malicious PyPI packages abuse Gmail, websockets to hijack systems

    Seven malicious PyPi packages were found using Gmail’s SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket’s threat research team, who reported their findings to the PyPI, resulting in the removal of the packages. However, some of these packages were on PyPI for over four years, and based on third-party download counters,…

    Read More »
  • Blog
    digitpatrox1 week ago
    31

    “There needs to be an order of magnitude more effort”: AI security experts call for focused evaluation of frontier models and agentic systems

    Much more detailed work must be done to evaluate the security and safety risks associated with adopting AI models, according to a panel of experts in the field. At RSAC Conference 2025, representatives from Google DeepMind, Nvidia, and the UK AI Security Institute emphasized the current challenges involved with evaluating AI model risks and the uphill challenge security teams face…

    Read More »
  • Blog
    digitpatroxApril 8, 2025
    43

    Hackers lurked in Treasury OCC’s systems since June 2023 breach

    Unknown attackers who breached the Treasury’s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails, according to anonymous sources familiar with the matter. The OCC is an independent bureau of the U.S. Department of the Treasury that oversees banks and federal savings associations and ensures they comply with applicable laws and regulations,…

    Read More »
  • Blog
    digitpatroxApril 3, 2025
    52

    Banks are persisting with the ‘patch and upgrade’ approach to legacy systems – and it’s swallowing up IT budgets

    Banks are spending a staggering 70% of their budgets on maintaining outdated legacy systems, with many using an expensive ‘patch and upgrade’ approach. According to research from RS2, this strategy is soaking up resources, placing significant strain on IT workers, and holding back digital transformation goals across the sector. RS2 said the traditional strategy of patch and upgrade – simply…

    Read More »
  • Blog
    digitpatroxMarch 31, 2025
    140

    Maintaining institutional memory is hard enough – AI knowledge systems will make it worse

    AI can hallucinate many things, but are we headed for a world where tools like ChatGPT and Gemini are crafting standard operating procedures or employee handbooks? Have we begun to entrust AI not just with our menial and creative tasks, but also given it the responsibility to maintain companies’ viability? God, I hope not. If the last few years are…

    Read More »
  • Blog
    digitpatroxMarch 27, 2025
    67

    Healthcare systems are rife with exploits — and ransomware gangs have noticed

    Healthcare organizations are facing serious threats from ransomware groups, with nearly nine-in-ten (89%) found to have medical devices that are vulnerable to exploits. That’s according to research from Claroty, which examined the state of security among healthcare organizations — and the diagnosis isn’t good. The report found that effectively all (99%) of healthcare organizations have at least one known, actively…

    Read More »
  • Blog
    digitpatroxMarch 26, 2025
    62

    The No-Stress Guide to Septic Systems

    It’s easier to get your head around maintenance when you have a clear sense of parts and function. Here’s an overview of how a conventional home septic system works: Instead of shunting wastewater into the sewer system, a septic system sends all water (and any waste) from sinks, showers, and toilets into a large watertight tank buried on the property.…

    Read More »
  • Blog
    digitpatroxMarch 25, 2025
    60

    EncryptHub linked to MMC zero-day attacks on Windows systems

    A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. Uncovered by Trend Micro staff researcher Aliakbar Zahravi, this security feature bypass (dubbed ‘MSC EvilTwin’ and now tracked as CVE-2025-26633) resides in how MSC files are handled on vulnerable devices. Attackers can leverage the vulnerability to evade Windows…

    Read More »
  • Blog
    digitpatroxMarch 25, 2025
    64

    Best DIY Home Security Systems of 2025

    DIY home security systems have become a popular alternative to professionally installed systems. Even ADT, whose systems historically could only be bought through an installer, now allows you to buy its systems directly from the company and install them yourself. There are many things to consider when choosing a DIY home security system. Is it easy to set up and…

    Read More »
  • Blog
    digitpatroxMarch 25, 2025
    65

    New VanHelsing ransomware targets Windows, ARM, ESXi systems

    A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors. The new ransomware operation was first documented by CYFIRMA late last week,…

    Read More »
Load More
Back to top button
close