Threat Alerts
Critical Flaw in NVIDIA Container Toolkit Allows Full Host Takeover
Researchers have recently identified a critical security flaw, CVE-2024-0132 (CVSS score 8.3), in the NVIDIA Container Toolkit, which is widely used to give containerized AI applications access to GPU resources. This container-escape vulnerability allows an attacker with control over container images run with the NVIDIA Container Toolkit to break out of the container and gain unauthorized access to the underlying host system. Environments that allow third-party or external container images, or AI models, are particularly at risk.
An attacker exploiting CVE-2024-0132 can craft a malicious container image designed to trigger the vulnerability within the NVIDIA Container Toolkit. When executed on a target platform, either directly or through supply chain manipulation, the image allows the attacker to mount and gain full read access to the host’s file system. This visibility into the underlying infrastructure potentially exposes sensitive data from other users. Furthermore, by accessing Container Runtime Unix sockets (docker.sock/containerd.sock), the attacker can exploit Linux socket behavior to execute arbitrary commands with root privileges, leading to full control of the host system.
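Because the exposure described above depends on untrusted images running with GPU access, one defensive check is to list the GPU-enabled containers on a host whose images come from outside an approved registry. The script below is an added example, not code from CyberProof or NVIDIA; the sample records are constructed in the shape of `docker inspect` output, and the registry allowlist and the helper names are assumptions.

```python
import json

# Constructed sample shaped like `docker inspect` output; names and images are made up.
SAMPLE_INSPECT = json.loads("""
[
 {"Name": "/train-job", "Config": {"Image": "registry.internal.example/ml/train:1.4"},
  "HostConfig": {"Runtime": "nvidia", "DeviceRequests": null}},
 {"Name": "/community-model", "Config": {"Image": "someuser/llm-demo:latest"},
  "HostConfig": {"Runtime": "runc",
                 "DeviceRequests": [{"Count": -1, "Capabilities": [["gpu"]]}]}},
 {"Name": "/web", "Config": {"Image": "nginx:1.27"},
  "HostConfig": {"Runtime": "runc", "DeviceRequests": null}},
 {"Name": "/notebook", "Config": {"Image": "ghcr.io/example-org/notebook:cuda"},
  "HostConfig": {"Runtime": "nvidia", "DeviceRequests": []}}
]
""")

# Assumption: the registries your organisation builds and reviews images in.
TRUSTED_REGISTRIES = {"registry.internal.example"}

def image_registry(image):
    """Registry host of an image reference; Docker defaults to docker.io."""
    first, _, rest = image.partition("/")
    if rest and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def uses_gpu(container):
    """True if the container runs under the nvidia runtime or requests a GPU."""
    host = container.get("HostConfig") or {}
    if host.get("Runtime") == "nvidia":
        return True
    return any("gpu" in caps
               for req in host.get("DeviceRequests") or []
               for caps in req.get("Capabilities") or [])

def audit(containers, trusted=TRUSTED_REGISTRIES):
    """Return (name, image, registry) for GPU containers from untrusted registries."""
    findings = []
    for c in containers:
        image = (c.get("Config") or {}).get("Image", "")
        registry = image_registry(image)
        if uses_gpu(c) and registry not in trusted:
            findings.append((c.get("Name", "").lstrip("/"), image, registry))
    return findings

if __name__ == "__main__":
    for name, image, registry in audit(SAMPLE_INSPECT):
        print(f"review: {name} runs {image} from {registry} with GPU access")
```

On a real host, feed `audit()` the parsed JSON from `docker inspect` for the running containers instead of the sample.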
FIN7 Exploits AI Trend with Fake Nude Image Sites
The notorious hacking group FIN7 has adopted a new tactic, setting up fake websites that claim to offer AI-generated nude images. These sites, designed to look legitimate and rank high in search results, entice users interested in deepfake technology. However, instead of delivering the promised images, they install malware on visitors’ computers.
Active since at least 2013 and linked to various ransomware operations, FIN7’s latest scheme involves sites like nude-ai[.]pro and iNude[.]ai. Users are encouraged to upload photos for transformation into nude images, but upon attempting to download the results, they unknowingly receive malware-laden files instead. This malware includes tools like Lumma Stealer and NetSupport RAT, capable of harvesting sensitive information and giving attackers remote access.
This strategy reflects FIN7’s ability to adapt to current trends, using social engineering to exploit curiosity about controversial technology. As a result, individuals and organizations face increased risks, including identity theft and data breaches. It serves as a stark reminder of the importance of vigilance when interacting with seemingly innocuous online content, particularly from unverified sources.