Cyber Threat Intelligence 21 May 2025
Industrial Sector
- CISA Releases Thirteen Industrial Control Systems Advisories
"CISA released thirteen Industrial Control Systems (ICS) advisories on May 20, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS."
https://www.cisa.gov/news-events/alerts/2025/05/20/cisa-releases-thirteen-industrial-control-systems-advisories
Vulnerabilities
- Motors <= 5.6.67 - Unauthenticated Privilege Escalation Via Password Update/Account Takeover
"The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to change arbitrary user passwords, including those of administrators, and leverage that to gain access to their account."
https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-themes/motors/motors-5667-unauthenticated-privilege-escalation-via-password-updateaccount-takeover
https://www.bleepingcomputer.com/news/security/premium-wordpress-motors-theme-vulnerable-to-admin-takeover-attacks/
- NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch
"Broadcom-owned VMware on Tuesday rolled out urgent patches for two sets of flaws that expose its flagship infrastructure software to data leakage, command execution and denial-of-service attacks, with no temporary workarounds available. The virtualization technology giant pushed out two separate bulletins documenting at least 7 vulnerabilities in the VMware Cloud Foundation, VMware ESXi, vCenter Server, Workstation, and Fusion product lines."
https://www.securityweek.com/nato-flagged-vulnerability-tops-latest-vmware-security-patch-batch/
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25733
https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717
- Freshly Discovered Bug In OpenPGP.js Undermines Whole Point Of Encrypted Comms
"Security researchers are sounding the alarm over a fresh flaw in the JavaScript implementation of OpenPGP (OpenPGP.js) that allows both signed and encrypted messages to be spoofed. Discovered by Codean Labs' Edoardo Geraci and Thomas Rinsma, the vulnerability essentially undermines the core purpose of using public key cryptography to secure communications."
https://www.theregister.com/2025/05/20/openpgp_js_flaw/
https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-8qff-qr5q-5pr8
Malware
- Ivanti EPMM RCE Vulnerability Chain Exploited In The Wild
"On March 13th, 2025, Ivanti disclosed that Endpoint Manager Mobile (EPMM) is affected by a vulnerability chain combining an authentication bypass (CVE-2025-4427) and a post-authentication remote code execution vulnerability (CVE-2025-4428). These flaws, which stem from unsafe use of Java Expression Language in error messages and misconfigured routing, can be exploited together to achieve unauthenticated RCE. Therefore, while neither of these vulnerabilities have been assigned critical severity (their CVSS scores are 5.3 and 7.2, respectively), in combination they should certainly be treated as critical. Ivanti has confirmed limited exploitation in-the-wild of these vulnerabilities as 0-days prior to their disclosure, and Wiz can now confirm ongoing exploitation in-the-wild of these vulnerabilities."
https://www.wiz.io/blog/ivanti-epmm-rce-vulnerability-chain-cve-2025-4427-cve-2025-4428
https://www.theregister.com/2025/05/21/ivanti_rce_attacks_ongoing/
- Malicious ‘Checker’ Packages On PyPI Probe TikTok And Instagram For Valid Accounts
"We often hear about the importance of secure data. Have I Been Pwned and similar websites exist to see if passwords or emails are listed online. However, many people do not understand the ramifications of their own leaked data. Obtaining valid credentials, even just emails, can initiate an exploit chain. Compromised credentials have been responsible for many cyber incidents, including the 2015 Ukraine electric power attack. A lot of cyber threat actors, from the Lazarus Group to Volt Typhoon, have collected personal emails before initiating an exploit. By ensuring that the email they have is associated with an account, threat actors can target their exploits."
https://socket.dev/blog/malicious-checker-packages-on-pypi-probe-tiktok-and-instagram
https://thehackernews.com/2025/05/malicious-pypi-packages-exploit.html
- RedisRaider: Weaponizing Misconfigured Redis To Mine Cryptocurrency At Scale
"Datadog Security Researchers recently discovered an emerging cryptojacking malware campaign targeting Redis on Linux. The threat actor behind this campaign deploys a sophisticated Linux worm that we’ve named RedisRaider. RedisRaider uses custom scanning logic to identify publicly accessible Redis servers across the internet, before exploiting them in an attempt to propagate a fork of the XMRig miner."
https://securitylabs.datadoghq.com/articles/redisraider-weaponizing-misconfigured-redis/
https://thehackernews.com/2025/05/go-based-malware-deploys-xmrig-miner-on.html
- Sarcoma Ransomware Unveiled: Anatomy Of a Double Extortion Gang
"It is with great pleasure and honor that I present the first report produced by the Malware Analysis Lab, led by Luigi Martire. The lab was established within the Cybersecurity Observatory of the Unipegaso University, which I have the privilege of directing. Our mission is to analyze the main malware threats affecting systems worldwide, dissect major malicious codes, and share our findings with the international community. This is an open project, so if you are interested, feel free to contact me and contribute to future analyses. Our first report focuses on a very dangerous threat, the Sarcoma Ransomware."
https://securityaffairs.com/178072/malware/sarcoma-ransomware-unveiled-anatomy-of-a-double-extortion-gang.html
https://securityaffairs.com/wp-content/uploads/2025/05/Sarcoma-Ransomware.pdf
- VanHelsing Ransomware Builder Leaked On Hacking Forum
"The VanHelsing ransomware-as-a-service operation published the source code for its affiliate panel, data leak blog, and Windows encryptor builder after an old developer tried to sell it on the RAMP cybercrime forum. VanHelsing is a RaaS operation launched in March 2025, promoting the ability to target Windows, Linux, BSD, ARM, and ESXi systems. Since then, the operation has shown some success, with Ransomware.live stating that there are eight known victims for the ransomware gang."
https://www.bleepingcomputer.com/news/security/vanhelsing-ransomware-builder-leaked-on-hacking-forum/
- Cloudy With a Chance Of Hijacking Forgotten DNS Records Enable Scam Actor
"Hazy Hawk is a DNS-savvy threat actor that hijacks abandoned cloud resources of high-profile organizations. By “cloud resources” we mean things like S3 buckets and Azure endpoints. You might have read about domain hijacking; we and other security vendors have written about different techniques for grabbing control of forgotten domain names several times over the past year. While domain names can be hijacked through stolen accounts, we think the most interesting hijacks leverage DNS misconfigurations. Because DNS is not widely understood as a threat vector, these kinds of attacks can run undetected for long periods of time. At the same time, these attacks require a technical sophistication that isn’t commonplace in the cybercriminal world. Hazy Hawk finds gaps in DNS records that are quite challenging to identify, and we believe they must have access to commercial passive DNS services to do so."
https://blogs.infoblox.com/threat-intelligence/cloudy-with-a-chance-of-hijacking-forgotten-dns-records-enable-scam-actor/
https://www.bleepingcomputer.com/news/security/hazy-hawk-gang-exploits-dns-misconfigs-to-hijack-trusted-domains/
https://www.darkreading.com/cloud-security/hazy-hawk-cybercrime-gang-cloud-resources
https://thehackernews.com/2025/05/hazy-hawk-exploits-dns-records-to.html
https://hackread.com/hazy-hawk-attack-abandoned-cloud-assets-since-2023/
- Exploiting The AI Boom: How Threat Actors Are Targeting Trust In Generative Platforms Like Kling AI
"As generative AI continues to capture global attention, threat actors are quick to exploit AI’s capabilities and popularity. From deepfake scams to impersonation attacks, the rising trust in AI-powered platforms has created new openings for cyber criminals. In early 2025, Check Point Research began tracking a sophisticated threat campaign that capitalized on this trend, specifically by impersonating Kling AI, a widely used image and video synthesis tool with over 6 million users."
https://blog.checkpoint.com/security/exploiting-the-ai-boom-how-threat-actors-are-targeting-trust-in-generative-platforms-like-kling-ai/
https://www.darkreading.com/threat-intelligence/fake-kling-ai-malvertisements-lure-victims
- Duping Cloud Functions: An Emerging Serverless Attack Vector
"Google Cloud Platform (GCP) Cloud Functions are event-triggered, serverless functions that automatically scale and execute code in response to specific events like Hypertext Transfer Protocol (HTTP) requests or data changes. Tenable Research published an article discussing a vulnerability they discovered within GCP’s Cloud Functions serverless compute service and its Cloud Build continuous integration and continuous delivery or deployment (CI/CD) pipeline service."
https://blog.talosintelligence.com/duping-cloud-functions-an-emerging-serverless-attack-vector/
- Phishing In The Multiverse: Analyzing a Malicious Email Targeting Apple And Yahoo Users
"Apple Pay is a mobile payment and digital wallet service that allows users to make payments using their Apple devices. Digital wallets are now widely embraced, and Apple Pay is considered one of the most trusted and secure platforms. However, even the most secure systems cannot protect against user deception. Cybercriminals are also exploiting these platforms for phishing attacks. In this article, we will break down a recent phishing strategy that cleverly mimics an Apple Pay invoice to steal sensitive user data, including credit card details and their Yahoo Mail account."
https://cofense.com/blog/phishing-in-the-multiverse-analyzing-a-malicious-email-targeting-apple-and-yahoo-users
- Large Retailers Land In Scattered Spider's Ransomware Web
"Large retailers across the UK and US experiencing a high volume of calls into IT help desks regarding password resets might want to consider that they have a Scattered Spider cyberattack on their hands. Fancy French fashion house Dior has joined the growing list of retailers falling victim to cyberattacks in recent weeks. The hack comes on the stilettos of previous breaches of Harrods, the Co-Op Group, and Marks & Spencer. Dior was compromised on May 7, and the attackers made off with the sensitive data of an undisclosed number of customers across China and South Korea."
https://www.darkreading.com/threat-intelligence/large-retailers-scattered-spider-ransomware-web
- Threat Analysis: Malicious NPM Package Leveraged In O365 Phishing Attack
"In early April 2025, a novel and sophisticated phishing attempt targeting our clients was identified by Fortra’s Suspicious Email Analysis (SEA) team. The threat actor’s main goal was to harvest Microsoft O365 credentials. While phishing attacks are not new, nor a rare occurrence, the approach employed in this case is notable due to its complexity and creative use of modern technologies, including the linking of an .htm file, use of AES, calling to a well-known Content Delivery Network (CDN) and a npm package containing the malicious code. All of these tactics have been observed before, however this is the first time Fortra has documented them being used together to deliver a Microsoft O365 phish."
https://www.fortra.com/blog/threat-analysis-malicious-npm-package-leveraged-o365-phishing-attack
https://www.darkreading.com/threat-intelligence/novel-phishing-attack-combines-aes-npm-packages
- New Nitrogen Ransomware Targets Financial Firms In The US, UK And Canada
"Nitrogen, a ransomware strain, has emerged as a major threat to organizations worldwide, with a particular focus on the financial sector. First identified in September 2024, Nitrogen has rapidly gained notoriety for its sophisticated attack methods and devastating impact. This ransomware encrypts critical data and demands substantial payments for decryption. It has targeted industries such as finance, construction, manufacturing, and technology, primarily in the United States, Canada, and the United Kingdom."
https://hackread.com/nitrogen-ransomware-targets-financial-firms-us-uk-canada/
- Hidden Threats Of Dual-Function Malware Found In Chrome Extensions
"An unknown actor has been continuously creating malicious Chrome Browser extensions since approximately February, 2024. The actor creates websites that masquerade as legitimate services, productivity tools, ad and media creation or analysis assistants, VPN services, Crypto, banking and more to direct users to install corresponding malicious extensions on Google’s Chrome Web Store (CWS). The extensions typically have a dual functionality, in which they generally appear to function as intended, but also connect to malicious servers to send user data, receive commands, and execute arbitrary code."
https://dti.domaintools.com/dual-function-malware-chrome-extensions/
https://thehackernews.com/2025/05/100-fake-chrome-extensions-found.html
- From Banks To Battalions: SideWinder’s Attacks On South Asia’s Public Sector
"This campaign aligns with previous reporting on SideWinder’s evolving tactics, toolset updates and expanding geographic focus. Earlier analyses have documented the group’s interest in high-value sectors such as nuclear research and maritime infrastructure [1] and its consistent use of legacy Microsoft Office exploits [2] and server-side polymorphism to evade detection [3]. These patterns are also visible in the current campaign, which leverages similar delivery mechanisms alongside credential theft components to maintain persistent access in government environments across South Asia. SideWinder has demonstrated consistent activity over time, maintaining a steady pace of operations without prolonged inactivity — a pattern that reflects organizational continuity and sustained intent."
https://www.acronis.com/en-us/cyber-protection-center/posts/from-banks-to-battalions-sidewinders-attacks-on-south-asias-public-sector/
https://thehackernews.com/2025/05/south-asian-ministries-hit-by.html
- Major Russian State Services Disrupted, Reportedly Due To Cyberattack
"Access to several major Russian state services was disrupted on Tuesday, reportedly due to a distributed denial-of-service (DDoS) attack “originating from abroad.” As of the time of writing, outage monitoring site Downdetector showed ongoing disruptions to Russia's tax service (FNS), as well as services for managing secure digital keys (Goskey) and documents (Saby), among others."
https://therecord.media/major-russian-state-services-disrupted-ddos
- KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS
"KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the apparent creator of this global menace."
https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
Breaches/Hacks/Leaks
- Mobile Carrier Cellcom Confirms Cyberattack Behind Extended Outages
"Wisconsin wireless provider Cellcom has confirmed that a cyberattack is responsible for the widespread service outage and disruptions that began on the evening of May 14, 2025. The incident disrupted voice and SMS services for customers across Wisconsin and Upper Michigan, leaving subscribers unable to make phone calls or send text messages. Today, after days of just calling it a technical outage, Cellcom CEO Brighid Riordan has confirmed what was already suspected: that the company suffered a cyberattack."
https://www.bleepingcomputer.com/news/security/mobile-carrier-cellcom-confirms-cyberattack-behind-extended-outages/
- SK Telecom Says Malware Breach Lasted 3 Years, Impacted 27 Million Numbers
"SK Telecom says that a recently disclosed cybersecurity incident in April, first occurred all the way back in 2022, ultimately exposing the USIM data of 27 million subscribers. SK Telecom is the largest mobile network operator in South Korea, holding roughly half of the national market. On April 19, 2025, the company detected malware on its networks and responded by isolating the equipment suspected of being hacked."
https://www.bleepingcomputer.com/news/security/sk-telecom-says-malware-breach-lasted-3-years-impacted-27-million-numbers/
- Inside LockBit: The Inner Workings Of a Ransomware Giant
"In May 2025, reports emerged indicating that the LockBit ransomware group had themselves suffered a data breach. This incident revealed a trove of sensitive information, including ransomware build records, chat transcripts between affiliates and victims, and configuration data. The leak offers an unprecedented glimpse into the daily operations of one of the most notorious ransomware-as-a-service (RaaS) ecosystems to date. The exposed data was made available via the Tor network hidden service, appearing on what seemed to be a LockBit ‘onion URL’."
https://www.ontinue.com/resource/inside-lockbit-inner-workings-of-ransomware-giant/
https://hackread.com/lockbit-leak-affiliates-pressure-tactics-rarely-paid/
- Ohio’s Kettering Health System Facing Widespread Outages After Cyberattack
"A cyberattack has disrupted hospitals and medical facilities in Ohio that are run by Kettering Health. A spokesperson told Recorded Future News that the nonprofit hospital network is “currently experiencing a cybersecurity incident resulting from unauthorized access.” In a message on its website and on social media, the network said the incident began on Tuesday morning and caused a system-wide technology outage that limited workers’ ability to access certain patient care systems."
https://therecord.media/kettering-health-system-ohio-cyberattack
- Ransomware Attack On Food Distributor Spells More Pain For UK Supermarkets
"It's more bad news for UK supermarkets with chilled and frozen food distribution business Peter Green Chilled confirming a ransomware attack with customers. According to UK public broadcaster the BBC, which saw emails to the customers, the ransomware attack took hold on May 14 and by the following day customers were informed via email. Managing director Tom Binks said "the transport activities of the business" were continuing to run unchanged, although at the time of the emails sent on May 15, the company had said it wouldn't be processing new orders on that day."
https://www.theregister.com/2025/05/20/ransomware_attack_on_food_distributor/
https://therecord.media/peter-green-chilled-ransomware-uk-logistics-company
General News
- Containers Are Just Processes: The Illusion Of Namespace Security
"In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and faster security improvements, making OSS often more secure than proprietary code. Today, a new kind of misinformation has emerged, the opposite of FUD: it downplays real open source security risks that should raise concern. The biggest security fallacy today is that Linux namespaces are security boundaries."
https://www.helpnetsecurity.com/2025/05/20/containers-namespaces-security/
- Why Legal Must Lead On AI Governance Before It’s Too Late
"In this Help Net Security interview, Brooke Johnson, Chief Legal Counsel and SVP of HR and Security, Ivanti, explores the legal responsibilities in AI governance, highlighting how cross-functional collaboration enables safe, ethical AI use while mitigating risk and ensuring compliance."
https://www.helpnetsecurity.com/2025/05/20/brooke-johnson-ivanti-ai-governance/
- AI Voice Hijacking: How Well Can You Trust Your Ears?
"How sure are you that you can recognize an AI-cloned voice? If you think you’re completely certain, you might be wrong. With only three seconds of audio, criminals can now clone a person’s voice, which can easily be obtained from videos shared online or on social media. An American mother almost fell victim to a virtual kidnapping scam, where a cloned voice convincingly mimicked her daughter’s cries for help. This case shows the level of ruthlessness criminals are willing to resort to."
https://www.helpnetsecurity.com/2025/05/20/ai-voice-hijacking-threat/
- Rising Cybersecurity Costs Will Force Organizations To Revisit Strategies
"While spending on cybersecurity continues to increase, it’s not clear to what degree that level of spending is sustainable. Some might argue that after not spending enough on cybersecurity for decades, organizations are starting to realize, and cybersecurity is now finally getting its due. However, there are others who argue that as a percentage of overall IT spending, the amount allocated to cybersecurity is coming at the expense of other strategic imperatives."
https://blog.barracuda.com/2025/05/19/rising-cybersecurity-costs-revisit-strategies
- ESET APT Activity Report Q4 2024–Q1 2025
"ESET APT Activity Report Q4 2024–Q1 2025 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented by ESET researchers from October 2024 until the end of March 2025. The highlighted operations are representative of the broader landscape of threats we investigated during this period, illustrating the key trends and developments, and contain only a fraction of the cybersecurity intelligence data provided to customers of ESET’s private APT reports."
https://www.welivesecurity.com/en/eset-research/eset-apt-activity-report-q4-2024-q1-2025/
https://web-assets.esetstatic.com/wls/en/papers/threat-reports/eset-apt-activity-report-q4-2024-q1-2025.pdf
https://www.eset.com/us/about/newsroom/research/eset-research-apt-report-russian-cyberattacks-in-ukraine-intensify-sandworm-unleashes-new-destructive-wiper/
https://thehackernews.com/2025/05/chinese-hackers-deploy-marssnake.html
https://www.darkreading.com/cyber-risk/asia-apt-actors-focus-expands-globally
https://securityaffairs.com/178105/malware/china-linked-unsolicitedbooker-used-new-backdoor-marssnake.html
https://www.infosecurity-magazine.com/news/russian-apt-intensify-cyber/
- Closing Security Gaps In Multi-Cloud And SaaS Environments
"In this Help Net Security interview, Kunal Modasiya, SVP, Product Management, GTM, and Growth at Qualys, discusses recent Qualys research on the state of cloud and SaaS security. He talks about how siloed visibility, fragmented tools, and a lack of incident response skills leave organizations vulnerable to misconfigurations, account hijacking, and other threats. Modasiya explains that only a unified, context-aware security strategy can consolidate risk insights, close remediation gaps, and align with how businesses build and operate applications."
https://www.helpnetsecurity.com/2025/05/20/kunal-modasiya-qualys-cloud-saas-security-strategy/
- Half Of Consumers Targeted By Social Media Fraud Ads
"Around half of consumers on both sides of the Atlantic have been targeted by social media advertising promoting retail fraud guides and services, and thinly disguised ‘refund hacks,’ according to new research from Netacea. The UK-based cybersecurity specialist polled over 2000 consumers in the UK and US to compile its 2025 Cyberfraud in Retail report. The study warned that fraud is increasingly normalized via high-profile ads on the surface web, designed to encourage consumers to participate in scams."
https://www.infosecurity-magazine.com/news/half-consumers-targeted-social/
- PowerSchool Hacker Pleads Guilty To Student Data Extortion Scheme
"A 19-year-old college student from Worcester, Massachusetts, has agreed to plead guilty to a massive cyberattack on PowerSchool that extorted millions of dollars in exchange for not leaking the personal data of millions of students and teachers. According to the U.S. Department of Justice, Matthew D. Lane pleaded guilty to four federal charges of one count each of cyber extortion conspiracy, cyber extortion, unauthorized access to protected computers, and aggravated identity theft."
https://www.bleepingcomputer.com/news/security/powerschool-hacker-pleads-guilty-to-student-data-extortion-scheme/
https://cyberscoop.com/massachusetts-man-will-plead-guilty-in-powerschool-hack-case/
- Account Takeover Scams Are Bypassing Fraud Defenses
"Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within."
https://www.bankinfosecurity.com/account-takeover-scams-are-bypassing-fraud-defenses-a-28438
- Why Rigid Security Programs Keep Failing
"Attackers don't care about your rules — so why are we still building security programs around them? On paper, everything looks solid: documented steps, escalation flows, and approval gates. But when things go sideways, I've watched those same plans crumble in minutes, especially in organizations obsessed with doing everything by the book."
https://www.darkreading.com/vulnerabilities-threats/rigid-security-programs-fail
- Uncensored AI Tool Raises Cybersecurity Alarms
"A new AI chatbot called Venice.ai has gained popularity in underground hacking forums due to its lack of content restrictions. According to a recent investigation by Certo, the platform offers subscribers uncensored access to advanced language models for just $18 a month, significantly undercutting other dark web AI tools like WormGPT and FraudGPT, which typically sell for hundreds or even thousands of dollars. What sets Venice.ai apart is its minimal oversight. The platform stores chat histories only in users’ browsers, not on external servers, and markets itself as “private and permissionless.”"
https://www.infosecurity-magazine.com/news/uncensored-ai-tool-cybersecurity/
- Mounting GenAI Cyber Risks Spur Investment In AI Security
"Around three-quarters (73%) of organizations are investing in AI-specific security tools, amid growing concern about GenAI cyber risks, according to Thales 2025 Data Threat Report. This investment comes either through new budgets or by reallocating existing resources. Over two-thirds have acquired such tools from their cloud providers, three in five are leveraging established security vendors and around half are turning to new or emerging startups."
https://www.infosecurity-magazine.com/news/genai-cyber-risks-investment/
- Vulnerability Exploitation Probability Metric Proposed By NIST, CISA Researchers
"Researchers from CISA and NIST have proposed a new cybersecurity metric designed to calculate the likelihood that a vulnerability has been exploited in the wild. Peter Mell of NIST and Jonathan Spring of CISA have published a paper describing equations for what they call Likely Exploited Vulnerabilities, or LEV. Thousands of vulnerabilities are discovered every year in software and hardware, but only a small percentage are ever exploited in the wild."
https://www.securityweek.com/vulnerability-exploitation-probability-metric-proposed-by-nist-cisa-researchers/
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.41.pdf
Reference
Electronic Transactions Development Agency (ETDA)