Tue. Oct 01, 2024

Hacking ChatGPT by Planting False Memories into Its Data

Schneier on Security

This vulnerability hacks a feature that allows ChatGPT to have long-term memory, where it uses information from past conversations to inform future conversations with that same user. A researcher found that he could use that feature to plant “false memories” into that context window that could subvert the model. A month later, the researcher submitted a new disclosure statement.

Hacking 257

What Is Inside Microsoft’s Major Windows 11 Update?

Tech Republic Security

Version 24H2 adds the sudo command and alerts users when an application accesses their physical location. Microsoft polished other security features, too.

Software 199

Facebook and Instagram passwords were stored in plaintext, Meta fined

Malwarebytes

Ireland’s privacy watchdog Data Protection Commission (DPC) has fined Meta €91M ($101M) after the discovery in 2019 that Meta had stored 600 million Facebook and Instagram passwords in plaintext. The DPC ruled that Meta was in violation of GDPR on several occasions related to this breach. It determined that the company failed to “notify the DPC of a personal data breach concerning storage of user passwords in plaintext” without delay, and failed to “document personal data breaches concerning the

Passwords 145

Global Cyber Attacks to Double from 2020 to 2024, Report Finds

Tech Republic Security

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

News agency AFP hit by cyberattack, client services impacted

Security Affairs

AFP suffered a cyberattack affecting its IT systems and content delivery for partners; the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that impacted its IT systems and content delivery for partners. The media agency confirmed that its global news coverage remains unaffected; however, some client services were impacted.

Media 140

How to Create a Secure Password: 7 Best Practices for 2024

Tech Republic Security

If you’re curious about how to create a secure password, read our in-depth guide covering password security and best practices.

Passwords 187

More Trending

Fake Disney+ activation page redirects to pornographic scam

Malwarebytes

A common way to activate digital subscriptions such as Netflix, Prime or Disney+ on a new TV is to visit a website and enter the code seen on your screen. It’s much easier than having to authenticate using a remote and typing a username and password. Scammers are creating fake activation pages that they get indexed in Google to lure in victims.

Scams 133

UMC Health System diverted patients following a ransomware attack

Security Affairs

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack. “However, out of an abundance of caution, we will continue to temporarily divert incoming emergency and non-emergency patients via ambulance to

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

The Hacker News

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024.

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

IoT 134

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

The Hacker News

A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets.

Five Eyes Agencies Put Focus on Active Directory Threats

Security Boulevard

The U.S. and its Five Eyes alliance partners are warning enterprises about techniques threat actors use to target Microsoft's Active Directory and ways that they can detect and mitigate such attacks. The post Five Eyes Agencies Put Focus on Active Directory Threats appeared first on Security Boulevard.

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

The Hacker News

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition."

Cybersecurity Awareness Month needs a radical overhaul – it needs legislation

We Live Security

Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

The Hacker News

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage.

Software 119

Why system resilience should mainly be the job of the OS, not just third-party applications

We Live Security

Having a recovery option built into the OS for all third-party software would be more efficient than relying on each software vendor to develop their own solution.

Software 116

News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus

The Last Watchdog

Pittsburgh, PA, Oct. 1, 2024 — ForAllSecure, the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform. Founded by a team of researchers from Carnegie Mellon, the company’s focus has evolved from research, development, and education to a product company centered arou

Education 113

Exabeam Brings AI Security Operations to On-Premises, Cloud Native and Hybrid Environments

Security Boulevard

Security operations platform provider Exabeam announced its first product release since acquiring LogRhythm earlier this year, a provider of self-hosted and cloud-native SIEM platforms, log management, network monitoring and behavior and security analytics products. The post Exabeam Brings AI Security Operations to On-Premises, Cloud Native and Hybrid Environments appeared first on Security Boulevard.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Key Group: another ransomware group using leaked builders

SecureList

Key Group, or keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group is known for negotiating with victims on Telegram and using the Chaos ransomware builder. The first public report on Key Group’s activity was released in 2023 by BI.ZONE, a cybersecurity solutions vendor: the attackers drew attention when they left an ideological note during an attack on a Russian user, in which they did not demand money.

Your CompTIA Community Guide to Cybersecurity Awareness Month

CompTIA on Cybersecurity

Get the most out of cybersecurity awareness month with these resources from the CompTIA Community.

Notorious Evil Corp Hackers Targeted NATO Allies for Russian Intelligence

WIRED Threat Level

UK law enforcement and international partners have released new details about the cybercriminal gang Evil Corp, including its use of the Lockbit ransomware platform and ties to Russian intelligence.

Vulnerability Recap 10/01/24 – NVIDIA, Ivanti & Newcomer Kia See Issues

eSecurity Planet

This week was relatively quiet regarding new vulnerabilities, but we’re seeing a few issues, like flaws in WhatsApp Gold and NVIDIA. Additionally, researchers published a report on a Kia dealer portal vulnerability that’s since been fixed but affected millions of vehicles. The flaw could have allowed RCE on vehicles, including unlocking the car, tracking its travel patterns, and causing it to honk.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Sick of ads on Android? Change these 5 settings for more privacy - fast

Zero Day

If you care about your phone privacy, consider tweaking these settings to prevent Android from targeting you with ads. Here's how.

PoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected

Penetration Testing

Zimbra, one of the most widely used email and collaboration platforms globally, has recently been identified as vulnerable to a critical security flaw that could allow attackers to take full... The post PoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected appeared first on Cybersecurity News.

I tried a blood-pressure monitoring watch, and it was surprisingly accurate (when it worked)

Zero Day

Regular measurement is one way to accurately gauge your level of hypertension. Wrist-based blood pressure monitoring remains elusive, but YHE offers a method that appears better than the rest.

Security Awareness: Boring Training Is Ineffective Training

SecureWorld News

When we're talking security, we often overlook a basic fact of human beings: the best protection strategies won't work if no one is paying attention. Too many cybersecurity training programs are designed with lots of focus on the factual content of the training, but with minimal effort to engage people. Boring training is ineffective, so we need to fundamentally rethink our approach to awareness.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Above the storms: How satellite tech can be a lifesaver during natural disasters

Zero Day

Hurricane Helene's devastation highlights a need for more people to have easier access to satellite messaging. Here are your options right now.

Governor Newsom Vetoes California's Landmark AI Regulation Bill

SecureWorld News

On Sunday, California Governor Gavin Newsom vetoed Senate Bill 1047, a bill that aimed to implement the most extensive AI regulations in the United States. The bill, seen as a model for national AI legislation, sought to establish sweeping oversight over the booming artificial intelligence industry in California. The veto sparked mixed reactions. AI advocates and tech companies welcomed the move, citing concerns that strict regulations could stifle innovation and competitiveness in California's

My favorite bone conduction headphones have 3 invaluable safety features

Zero Day

The Suunto Wing headphones are my new go-to for maintaining awareness of my surroundings while enjoying hours of motivating music.

Protecting your identity: Stay one step ahead of cybercriminals

Webroot

As October rolls around, it’s time to focus on cybersecurity. After all, it’s Cybersecurity Awareness Month, a perfect reminder to check in on the safety of your identity. If you’ve ever had your identity stolen or know someone who has, you understand how serious the problem is. From text scams to stolen passwords, criminals are finding new ways to steal personal information.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.