Nate Nelson

1 week ago | darkreading.com | Nate Nelson

Researchers have identified nearly a dozen security issues in the research-oriented AI chatbot Perplexity. Perplexity was released one week after ChatGPT, right as the maelstrom around artificial intelligence (AI) chatbots began, in late 2022. From the beginning, it distinguished itself for its accuracy — providing users with deeply researched answers with citations to queries. Being innovative and early to market occasionally comes with a cost, though.

2 weeks ago | darkreading.com | Nate Nelson

Three newly discovered, malicious open source software (OSS) packages have been infecting legitimate software with Trojanized patches. Threat actors have long been known to conceal malware inside of legitimate (or legitimate-seeming) software packages, hoping to ensnare unwitting users into downloading them. It's not an easy thing to pull off, though, under the watchful eyes of thousands of developers. Many poisoned packages have lived and died in short windows of time, with few or no downloads.

2 weeks ago | datacenterknowledge.com | Nate Nelson

The rate of severe cloud security incidents affecting customers of Palo Alto Networks rose more than threefold over the course of 2024. By comparing the beginning and end of 2024, Palo Alto tracked a 388% increase in cloud security alerts affecting organizations. The overwhelming majority of that rise can be attributed to neither threats of low severity (up 10% through the year) nor even medium severity (up 21%), but high-severity incidents, which rose by a full 235%.

2 weeks ago | darkreading.com | Nate Nelson

Phishers, ransomware groups, and state-sponsored actors are using a decades-old domain name system (DNS) abuse technique to supercharge their malicious infrastructure. "Fast flux" has been around for years, and it doesn't involve any kind of exotic technologies or tools. It's all about abusing legitimate DNS features to make detecting and taking down malicious domains extra difficult. On April 3, the Cybersecurity and Infrastructure Security Agency (CISA) published an advisory about fast flux.

3 weeks ago | darkreading.com | Nate Nelson

Reported cybersecurity incidents in Israel rose 24% in 2024, largely thanks to Iran and its proxy militias. But the trajectory of this cyber conflict has not followed a straight path, as recent signals suggest it might be slowing and evolving. Any simple comparison of cyber threat data before and after Oct. 7, 2023, tells a seemingly straightforward story. In 2023, the Israel National Cyber Directorate (INCD) released 367 alerts about vulnerabilities, attacks, and threats.