Pierluigi Paganini

The risk of pasting confidential company data into ChatGPT

Experts warn that employees are providing sensitive corporate data to the popular artificial intelligence chatbot model ChatGPT. Researchers from Cyberhaven Labs analyzed the use of ChatGPT by 1.6 million workers at companies across industries. They reported that 5.6% of them have used it in the workplace and 4.9% have provided company data to the popular […]

The post The risk of pasting confidential company data into ChatGPT appeared first on Security Affairs.

March 13, 2023
0 comment
Read More >>

Security Affairs newsletter Round 410 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.   PlugX malware delivered by exploiting flaws in Chinese programs Prometei botnet evolves and infected +10,000 […]

The post Security Affairs newsletter Round 410 by Pierluigi Paganini appeared first on Security Affairs.

March 12, 2023
0 comment
Read More >>

Acronis states that only one customer’s account has been compromised. Much ado about nothing

Acronis downplays the severity of the recent security breach explaining that only a single customer’s account was compromised. The CISO of Acronis downplayed a recent intrusion, revealing that only one customer was impacted. This week a threat actor, who goes online with the moniker “kernelware”, claimed the theft of data from technology firm Acronis and […]

The post Acronis states that only one customer’s account has been compromised. Much ado about nothing appeared first on Security Affairs.

March 12, 2023
0 comment
Read More >>

Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers

Cisco fixed a high-severity DoS vulnerability (CVE-2023-20049) in IOS XR software that impacts several enterprise routers. Cisco has released security updates to address a high-severity DoS vulnerability, tracked as CVE-2023-20049 (CVSS score of 8.6), in IOS XR software used by several enterprise-grade routers. The vulnerability resides in the bidirectional forwarding detection (BFD) hardware offload feature […]

The post Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers appeared first on Security Affairs.

March 12, 2023
0 comment
Read More >>

PlugX malware delivered by exploiting flaws in Chinese programs

Researchers observed threat actors deploying PlugX malware by exploiting flaws in Chinese remote control programs Sunlogin and Awesun. Researchers at ASEC (AhnLab Security Emergency response Center) observed threat actors deploying the PlugX malware by exploiting vulnerabilities in the Chinese remote control software Sunlogin and Awesun. Sunlogin RCE vulnerability (CNVD-2022-10270 / CNVD-2022-03672) is known to be […]

The post PlugX malware delivered by exploiting flaws in Chinese programs appeared first on Security Affairs.

March 11, 2023
0 comment
Read More >>

Prometei botnet evolves and infected +10,000 systems since November 2022

A new version of the Prometei botnet has infected more than 10,000 systems worldwide since November 2022, experts warn. Cisco Talos researchers reported that the Prometei botnet has infected more than 10,000 systems worldwide since November 2022. The crypto-mining botnet has a modular structure and employs multiple techniques to infect systems and evade detection. The Prometei botnet […]

The post Prometei botnet evolves and infected +10,000 systems since November 2022 appeared first on Security Affairs.

March 11, 2023
0 comment
Read More >>

CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog

US CISA added an actively exploited vulnerability in VMware’s Cloud Foundation to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability in VMware’s Cloud Foundation, tracked as CVE-2021-39144 (CVSS score: 9.8), to its Known Exploited Vulnerabilities Catalog. The remote code execution vulnerability resides in the XStream open-source library. Unauthenticated attackers […]

The post CISA adds VMware’s Cloud Foundation bug to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

March 11, 2023
0 comment
Read More >>

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

An international law enforcement operation seized the infrastructure associated with the NetWire RAT and resulted in the arrest of its administrator. A coordinated international law enforcement operation resulted in the seizure of the infrastructure associated with the NetWire RAT, the police also arrested its administrator. Law enforcement seized the website www.worldwiredlabs[.]com and its alleged administrator, […]

The post Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man appeared first on Security Affairs.

March 10, 2023
0 comment
Read More >>

AT&T is notifying millions of customers of data breach after a third-party vendor hack

AT&T is warning some of its customers that some of their information was exposed after the hack of a third-party vendor’s system. AT&T is notifying millions of customers that some of their information was exposed after a third-party vendor was hacked. CPNI is information related to the telecommunications services purchased by the customers, including the […]

The post AT&T is notifying millions of customers of data breach after a third-party vendor hack appeared first on Security Affairs.

March 10, 2023
0 comment
Read More >>

BMW exposes data of clients in Italy, experts warn

Cybernews researchers discovered that BMW exposed sensitive files that were generated by a framework that BMW Italy relies on. Original post at: https://cybernews.com/security/bmw-exposes-italy-clients/ Hackers have been enjoying their fair share of the spotlight by breaching car manufacturers’ defenses. The latest Cybernews discovery showcases that popular car brands sometimes leave their doors open, as if inviting […]

The post BMW exposes data of clients in Italy, experts warn appeared first on Security Affairs.

March 10, 2023
0 comment
Read More >>