CAI cloud worm gives competitors’ malware the boot, then steals secrets and mines for coin

There’s no honor among thieves as a new worm steals from other infectious software. It pilfers “multiple” victims’ credentials and mines for cryptocurrency while killing competitors’ processes, including similar secret-harvesting malware. It’s called Cloud AI Infrastructure Attack Framework (CAI), and Read More …

Confidential computing’s core trust mechanism is broken. The fix may not exist

Vendors are trying to position “confidential computing” as the technical backbone of Europe’s sovereign cloud ambitions. But new research shows that a security protocol used to prove cryptographic trust in the system may have a fundamental architectural flaw. Confidential computing Read More …

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing. The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal Read More …

More than 12,000 servers supported a coordinated phishing infrastructure worldwide

When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be. An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in Read More …

App host Vercel says it was hacked and customer data stolen

Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Read More …

AWS says more than 600 FortiGate firewalls hit in AI-augmented campaign

Cybercriminals armed with off-the-shelf generative AI tools compromised more than 600 internet-exposed FortiGate firewalls across 55 countries in just over a month, according to a new incident report from AWS. The campaign, which ran from mid-January to mid-February, relied less Read More …

Data leak at Abu Dhabi finance summit exposes global figures

Former British prime minister David Cameron and hedge fund billionaire Alan Howard were among the hundreds whose passports and other identification papers were leaked online after they attended an Abu Dhabi conference, the Financial Times reported on Feb 17. The Read More …

EU Parliament blocks AI tools over cyber, privacy fears

he European Parliament has disabled AI features on the work devices of lawmakers and their staff over cybersecurity and data protection concerns, according to an internal email seen by POLITICO. The chamber emailed its members on Monday to say it Read More …

Novel Technique to Detect Cloud Threat Actor Operations

Cloud-based alerting systems often struggle to distinguish between normal cloud activity and targeted malicious operations by known threat actors. The difficulty doesn’t lie in an inability to identify complex alerting operations across thousands of cloud resources or in a failure Read More …

Airbus to migrate critical apps to a sovereign Euro cloud

Airbus is preparing to tender a major contract to migrate mission-critical workloads to a digitally sovereign European cloud – but estimates only an 80/20 chance of finding a suitable provider. The aerospace manufacturer, which has already consolidated its datacenter estate Read More …