The Last Watchdog

AUGUST 3, 2024

When Tanisha Martin, a veteran software quality assurance analyst, sought to move over to a security team a few years ago, the doors should have been wide open, given the much-ballyhooed cybersecurity skills shortage. Related: Modernizing security training Instead, she ran into a rigid wall of shortsightedness. So, Martin taught herself ethical hacking skills and then founded Black Girls Hack to guide others down the trail she blazed.

Hacking 246

Hacking Internet Internet Software 246

Bleeping Computer

AUGUST 3, 2024

A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. [.

Software 139

Software Malware Internet Internet 139

The Hacker News

AUGUST 3, 2024

The U.S. Department of Justice (DoJ), along with the Federal Trade Commission (FTC), filed a lawsuit against popular video-sharing platform TikTok for "flagrantly violating" children's privacy laws in the country. The agencies claimed the company knowingly permitted children to create TikTok accounts and to view and share short-form videos and messages with adults and others on the service.

Accountability 125

Accountability 125

Bleeping Computer

AUGUST 3, 2024

A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary memory read-and-write capability, letting the researchers elevate privileges or escape containers. [.

121

121

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Affairs

AUGUST 3, 2024

The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children’s privacy laws. The Justice Department and the Federal Trade Commission (FTC) filed a civil lawsuit in the U.S. District Court for the Central District of California against TikTok Inc., its parent company ByteDance Ltd., and their affiliates (together, TikTok) for extensive violations of the Children’s Online Privacy Protection Act and its implementing regulations (COPPA)

Accountability 129

Accountability Data collection Risk Hacking 129

Trend Micro

AUGUST 3, 2024

This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology (IT) departments.

Technology 88

Technology Cybersecurity Artificial Intelligence Cyber threats 88

SecureWorld News

AUGUST 3, 2024

In the rapid pace of Industrial Control Systems (ICS) and the Internet of Things (IoT), security can feel like an uphill battle against SCADA systems, which control and monitor essential infrastructure like power grids and water supplies, and IoT devices, which expand connectivity and functionality across industries, are integral to modern operations.

IoT 91

IoT Education Technology Passwords 91

WIRED Threat Level

AUGUST 3, 2024

Plus: Meta pays $1.4 million in a historic privacy settlement, Microsoft blames a cyberattack for a major Azure outage, and an artist creates a face recognition system to reveal your NYPD “coppelganger.

Hacking 73

Hacking 73

Security Boulevard

AUGUST 3, 2024

When Tennisha Martin, a veteran software quality assurance analyst, sought to move over to a security team a few years ago, the doors should have been wide open, given the much-ballyhooed cybersecurity skills shortage. Related: Modernizing security training Instead, … (more…) The post Black Hat Fireside Chat: ‘Black Girls Hack’ emphasizes diversity as effective force multiplier first appeared on The Last Watchdog.

Hacking 69

Hacking Software Cybersecurity 69

Thales Cloud Protection & Licensing

AUGUST 3, 2024

Fraud detection in banking josh.pearson@t… Sat, 08/03/2024 - 23:33 Banks and financial institutions (FIs) use fraud detection in banking technologies and strategies to reduce the risks of fraud to their business. These risks include the financial costs of fraud as well as the reputational damage that it causes. Identity & Access Management Ammar Faheem | Product Marketing Manager More About This Author > What is fraud detection in banking?

Banking 62

Banking Risk Authentication Cyber Attacks 62

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Penetration Testing

AUGUST 3, 2024

In today’s digital landscape, ensuring the security of web services is paramount. Enter BunkerWeb, a cutting-edge, open-source Web Application Firewall (WAF) that promises to make web security seamless and effective. Built on the robust... The post BunkerWeb: The Next-Generation Open-Source Web Application Firewall appeared first on Cybersecurity News.

Firewall 77

Firewall Cybersecurity 77

Security Boulevard

AUGUST 3, 2024

Authors/Presenters:Deevashwer Rathee, Anwesh Bhattacharya, Divya Gupta, Rahul Sharma, Dawn Song Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.

Network Security 64

Network Security 64

Penetration Testing

AUGUST 3, 2024

Cybercriminals have seized over 35,000 registered domains using an attack researchers have dubbed “Sitting Ducks.” This method allows attackers to capture domains without accessing the owner’s account with the DNS provider or registrar. In... The post Domain Takeover: 35,000+ Victims of Sitting Ducks Attack appeared first on Cybersecurity News.

DNS 74

DNS Accountability Cybersecurity 74

Penetration Testing

AUGUST 3, 2024

Microsoft has seized a domain used by the Vietnamese group Storm-1152 to sell fraudulent accounts and CAPTCHA bypass services. The domain rockcaptcha[.]com was taken down six months after Microsoft announced a large-scale operation against Storm-1152,... The post Storm-1152’s CAPTCHA Bypass Operation Foiled by Microsoft appeared first on Cybersecurity News.

Accountability 63

Accountability Cybersecurity 63

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software