Dark Reading Daily -- August 23, 2024

A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate.

LATEST SECURITY NEWS & COMMENTARY

Slack Patches AI Bug That Let Attackers Steal Data From Private Channels

A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate.

NFC Traffic Stealer Targets Android Users & Their Banking Info

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.

Infostealers Waltz Through macOS to Grab Crypto Wallets, Browser Creds

Ironically, Macs' lower risk profile may make them more susceptible to any given threat than the average Windows or Linux system.

NSA Issues Tips for Better Logging, Threat Detection in LotL Incidents

The guidance is part of a coordinated, global effort to eradicate living-off-the-land techniques used against critical infrastructure.

Why End of Life for Applications Is the Beginning of Life for Hackers

In the next year, more than 35,000 applications will move to end-of-life status. To manage risk effectively, we need to plan ahead.

Google Chrome Update Fixes Flaw Exploited in the Wild

New Chrome release set to roll out over the next few days addresses 38 security issues in the browser.

MORE NEWS / MORE COMMENTARY


HOT TOPICS
'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks. Chinese Wi-Fi Router Vendor Draws US Congressional Ire Two congressmen want the US Commerce Department to examine the company's goods and decide if they pose a threat. Name That Toon: Security Games Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. Critical Thinking AI in Cybersecurity: A Stretch or a Possibility? It might still sound far-fetched to say AI can develop critical thinking skills and help us make decisions in the cybersecurity industry. But we're not far off. MORE

PRODUCTS & RELEASES

Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report

IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems

New ISAGCA Report Explores Zero-Trust Outcomes in OT Cybersecurity

MORE PRODUCTS & RELEASES

EDITORS' CHOICE

Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data

A server-side request forgery (SSRF) bug in Microsoft's tool for creating custom AI chatbots potentially exposed info across multiple tenants within cloud environments.

LATEST FROM THE EDGE

The Silver Bullet of MFA Was Never Enough

There is no such thing as a silver bullet in cybersecurity. No, not even multifactor authentication.

LATEST FROM DR TECHNOLOGY

Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code

CodeBreaker technique can create code samples that poison the output of code-completing large language models, resulting in vulnerable — and undetectable — code suggestions.

LATEST FROM DR GLOBAL

Chinese Threat Actors Use MSI Files to Bypass Windows, VT Detection

Analysts have been picking up increased cases of malware delivery via Windows Installer files in Southeast Asia.

WEBINARS

View More Dark Reading Webinars >>

WHITE PAPERS

View More White Papers >>

FEATURED REPORTS

View More Dark Reading Reports >>