2024 has seen a massive uptick in #deepfake videos, and as AI advancements continue, deepfakes become more realistic. It's crucial for organizations to learn how to recognize and protect against risks from these manipulated videos. Read our blog for tips: lmgsecurity.com/how-to-protect…

🛑 A new version of LightSpy #spyware targets iOS, expanding its capabilities with destructive features. With the number of plugins increasing from 12 to 28, it can capture everything from Wi-Fi credentials to SMS messages and even delete data. Read: thehackernews.com/2024/10/new-li…

LiteSpeed Cache WordPress plugin bug lets hackers get admin access - Bill Toulas bleepingcomputer.com/news/security/… bleepingcomputer.com/news/security/…

Fresh from #SAINTCON2024! Read Sherri Davidoff's new blog on the key takeaways from Matt Durrin & @TomPohl's presentation on Active Directory Certificate Services (ADCS) attacks and their prevention advice. ow.ly/NbrT50TXqVk #cybersecurity #ACDS #infosec #DFIR #security

The insider threat is alive and well: An intern at TikTok owner ByteDance was recently fired for allegedly maliciously interfering with their AI model training. Read more about this interesting story: arstechnica.com/tech-policy/20… #Cybersecurity #InsiderThreat #AI

Today’s cyberattacks now leverage #AI to infiltrate organizations through voice and video, making it harder than ever to distinguish real from fake. Watch our on-demand webinar to learn how to stay ahead of AI-powered threats and reduce your #risk: youtube.com/watch?v=EtZKCR…

A new version of the #FakeCall banking trojan is hijacking outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead with the goal of stealing people's #sensitivedata and money from their bank accounts. Read more: bleepingcomputer.com/news/security/…

The popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw in it's free version - patch now! The vulnerability could allow unauthenticated site visitors to gain admin rights via a weakness in the "role simulation" feature. bleepingcomputer.com/news/security/…

It's easier than ever to be a hacker these days. Evil #AI tool #WormGPT can quickly find software vulnerabilities, and then write an exploit to match! Watch this video to see it in action and learn why it's crucial to prepare for AI-driven #hacking. youtube.com/watch?v=Nv1ciM…

Is your third-party software vulnerable? This video explores how third-party vendors are often the weak link in #cybersecurity, leading to unanticipated threats. You'll learn practical advice to strengthen your third-party risk management strategy. youtube.com/watch?v=Xg-UkN… #TPRM

Password manager LastPass is warning users about an ongoing scam. Attackers are writing reviews for the #LastPass Chrome extension promoting a fake customer support number that tricks callers into providing remote access to their computers. Read more: bleepingcomputer.com/news/security/…

On The The Stuph File Program Program, cyber security expert, Sherri Davidoff CEO of LMG Security, on AI, some of the pitfalls, and where it can take us in the future. Sherri is also the author of several books, including "Data Breaches: Crisis and Opportunity" youtu.be/OyfJLCZP9fc

New #phishing tactic alert! Attackers are using SVG attachments to evade detection and deliver phishing forms or malware. Since SVG files are text-based, they are not screened by many #cybersecurity tools. Learn more: ow.ly/NllV50U9gP8 #CISO #IT #cyberaware #infosec #SMB

Even if your organization has strong cybersecurity, a vulnerability in a vendor product can still put you at risk. Matt Durrin shows how our team exploited an administrative interface flaw in a commonly used software called Power Panel in this video: youtube.com/watch?v=cB8iri…

🚨 Cybercriminals are using NFC tech and Ghost Tap to exploit #Google Pay & Apple Pay, stealing funds from your digital wallet—no phone needed. Criminals can cash out globally, undetected. Learn more about this new threat: thehackernews.com/2024/11/ghost-… #infosec #cybersecurity

Get the scoop on today's top #AI scams! Deloitte predicts $40B in annual fraud losses from #genAI by 2027. Read our new blog to learn how to defend against #deepfakes, #voicecloning, & AI-enhanced #phishing & more: ow.ly/gljq50UaXL3 #Cybersecurity #cyberaware #CISO #IT

Learn more about web application security assessments! As our CPO Dan Featherman says, "With web application use increasing over the last 5 years, our team feels these tests simply don’t get the attention they deserve." Read the article: lmgsecurity.com/why-web-applic… #WebApp #Pentest

Learn about the rise in open source software cybersecurity incidents in this short video. Even if your organization doesn’t directly use #Linux or #OpenSource software, your providers likely do, and they can expose your organization to significant risks. youtube.com/watch?v=mctZZs…

AI models are revolutionizing software security, but we’re just at the beginning. This article discusses how Google's Big Sleep #LLM recently identified a buffer-underflow vulnerability in SQLite. Read more: darkreading.com/application-se… #AI #cybersecurity

I recently joined Peter Anthony Holder on the The Stuph File Program Program radio show to talk about everybody's favorite hot topic: Artificial Intelligence! We cover the benefits and pitfalls of AI in cybersecurity and where it can take us in the future. Listen here: youtube.com/watch?v=OyfJLC…