The US Cybersecurity and Infrastructure Security Agency (CISA) has this week added a vulnerability that was first disclosed in January in the GitLab open source platform to its Known Exploited Vulnerabilities (KEV) catalogue, prompting a flurry of warnings urging users of the service to apply available patches immediately. Tracked as CVE-2023-7028 and discovered through GitLab’s…
HM Revenue & Customs (HMRC) has confirmed the Github repository housing the source code for its online IR35 employment status checker tool has been restored, after it was deleted “in error” during a platform migration. The government tax collection agency recently completed the process of migrating its Check Employment Status for Tax (CEST) tool to…
As AMD is now well into their third generation of RDNA architecture GPUs, the sun has been slowly setting on AMD’s remaining Graphics Core Next (GCN) designs, better known by the architecture names of Polaris and Vega. In recent weeks the company dropped support for those GPU architectures in their open source Vulkan Linux driver,…
AMD Begins Polaris and Vega GPU Retirement Process, Reduces Ongoing Driver Support Read More »
Cyber professionals frustrated with stagnating salaries and poor working conditions are increasingly turning to the cyber criminal underground to increase their pay, cover expenses and replace dried-up work, the Chartered Institute of Information Security (CIISec) has warned in its latest State of the profession report. The study highlighted that a lack of appropriate remuneration is…
Cash-strapped cyber pros go rogue on the dark web Read More »
The operators of leading open source software (OSS) package repositories, including the Python Software Foundation and the Rust Foundation, have set out the actions they are taking to help better secure and protect the open source software (OSS) ecosystem, underscored by a series of high-profile OSS flaws in the past few years, most notably Log4Shell.…
OSS leaders detail commitments to bolster software security Read More »
Kaspersky has shared more details of a novel iOS spyware that it discovered earlier this year when its own devices came under attack in a campaign dubbed Operation Triangulation. Dozens of Kaspersky employees are understood to have been affected by the advanced persistent threat (APT) campaign, which employed a “sophisticated method” of distributing zero-click exploits…
Kaspersky opens up over spyware campaign targeting its staffers Read More »
Researchers at the University of Sheffield said they have successfully fooled a number of natural language processing (NLP) generative artificial intelligence (GenAI) tools – including ChatGPT – into producing effective code that can be used to launch real-world cyber attacks. The potential for tools like ChatGPT to be exploited and tricked into writing malicious code…
Research team tricks AI chatbots into writing usable malicious code Read More »
Microsoft has learned an important lesson after having to clean up a major data leak resulting from an “overly permissive” shared access signature (SAS) token accidentally disclosed by one of its employees. The incident took place in June 2023, when a Microsoft researcher shared a URL for an Azure Blob store in a public GitHub repository…
38TB Microsoft data leak highlights risks of oversharing Read More »
Accountability, access, diversity, choice, flexibility and transparency are among the key principles the Competition and Markets Authority (CMA) has set out in its preliminary report on foundational AI models. Discussing the report, Sarah Cardell, CEO of the CMA, said: “The speed at which AI is becoming part of everyday life for people and businesses is…
Software engineering covers all of Dunelm’s business domains. Over the past few years, the retailer has updated its IT infrastructure from running off-the-shelf ecommerce via IBM WebSphere on Rackspace to building everything in-house. “Like many companies, digital transformation starts with the website and goes deeper and wider after that,” says Paul Kerrison, director of engineering…
