Tue. Oct 01, 2024

Hacking ChatGPT by Planting False Memories into Its Data

Schneier on Security

This vulnerability hacks a feature that allows ChatGPT to have long-term memory, where it uses information from past conversations to inform future conversations with that same user. A researcher found that he could use that feature to plant “false memories” into that context window that could subvert the model. A month later, the researcher submitted a new disclosure statement.

Hacking 239

What Is Inside Microsoft’s Major Windows 11 Update?

Tech Republic Security

Version 24H2 adds the sudo command and alerts users when an application accesses their physical location. Microsoft polished other security features, too.

Software 190

Facebook and Instagram passwords were stored in plaintext, Meta fined

Malwarebytes

Ireland’s privacy watchdog Data Protection Commission (DPC) has fined Meta €91M ($101M) after the discovery in 2019 that Meta had stored 600 million Facebook and Instagram passwords in plaintext. The DPC ruled that Meta was in violation of GDPR on several occasions related to this breach. It determined that the company failed to “notify the DPC of a personal data breach concerning storage of user passwords in plaintext” without delay, and failed to “document personal data breaches concerning the

Passwords 140

Global Cyber Attacks to Double from 2020 to 2024, Report Finds

Tech Republic Security

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus

The Last Watchdog

Pittsburgh, PA, Oct. 1, 2024 — ForAllSecure, the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform. Founded by a team of researchers from Carnegie Mellon, the company’s focus has evolved from research, development, and education to a product company centered arou

Education 113

How to Create a Secure Password: 7 Best Practices for 2024

Tech Republic Security

If you’re curious about how to create a secure password, read our in-depth guide covering password security and best practices.

Passwords 171

More Trending

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

North Korea-linked APT Kimsuky has been linked to a cyberattack on Diehl Defence, a German manufacturer of advanced military systems. North Korea-linked APT group Kimsuky has been linked to a cyberattack on Diehl Defence, a defense firm specializing in the production of advanced military systems. Diehl Defence GmbH & Co. KG is a German weapon manufacturer headquartered in Überlingen.

Exabeam Brings AI Security Operations to On-Premises, Cloud Native and Hybrid Environments

Security Boulevard

Security operations platform provider Exabeam announced its first product release since acquiring LogRhythm earlier this year, a provider of self-hosted and cloud-native SIEM platforms, log management, network monitoring and behavior and security analytics products.

U.S. CISA adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

IoT 128

Vulnerability Recap 10/01/24 – NVIDIA, Ivanti & Newcomer Kia See Issues

eSecurity Planet

This week was relatively quiet regarding new vulnerabilities, but we’re seeing a few issues, like flaws in WhatsApp Gold and NVIDIA. Additionally, researchers published a report on a Kia dealer portal vulnerability that’s since been fixed but affected millions of vehicles. The flaw could have allowed RCE on vehicles, including unlocking the car, tracking its travel patterns, and causing it to honk.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

News agency AFP hit by cyberattack, client services impacted

Security Affairs

AFP suffered a cyberattack affecting its IT systems and content delivery for partners, the incident impacted some client services. Agence France-Presse (AFP) reported a cyberattack on Friday that impacted its IT systems and content delivery for partners. The media agency confirmed that the global news coverage remains unaffected, however some client services were impacted.

Media 136

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

The Hacker News

Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024.

UMC Health System diverted patients following a ransomware attack

Security Affairs

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack. “However, out of an abundance of caution, we will continue to temporarily divert incoming emergency and non-emergency patients via ambulance to

PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data

The Hacker News

A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

I tried a blood-pressure monitoring watch, and it was surprisingly accurate (when it worked)

Zero Day

Regular measurement is one way to accurately gauge your level of hypertension. Wrist-based blood pressure monitoring remains elusive, but YHE offers a method that appears better than the rest.

PoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected

Penetration Testing

Zimbra, one of the most widely used email and collaboration platforms globally, has recently been identified as vulnerable to a critical security flaw that could allow attackers to take full...

Why system resilience should mainly be the job of the OS, not just third-party applications

We Live Security

Having a recovery option built into the OS for all third-party software would be more efficient than relying on each software vendor to develop their own solution.

Software 101

Fake Disney+ activation page redirects to pornographic scam

Malwarebytes

A common way to activate digital subscriptions such as Netflix, Prime or Disney+ on a new TV is to visit a website and enter the code seen on your screen. It’s much easier than having to authenticate using a remote and typing a username and password. Scammers are creating fake activation pages that they get indexed in Google to lure in victims.

Scams 98

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Hiring Kit: Cybersecurity Engineer

Tech Republic Security

Data collection, whether innocuous machine measurements or sensitive and regulated private information, plays a primary role in practically every business that uses the internet and IT infrastructure for business operations. Keeping that collected data safe and away from unauthorized users and criminal intruders is the job of the cybersecurity engineer.

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

The Hacker News

The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition."

Protecting your identity: Stay one step ahead of cybercriminals

Webroot

As October rolls around, it’s time to focus on cybersecurity. After all, it’s Cybersecurity Awareness Month—a perfect reminder to check in on the safety of your identity. If you’ve ever had your identity stolen or know someone who has, you understand how serious the problem is. From text scams to stolen passwords, criminals are finding new ways to steal personal information.

Security Awareness: Boring Training Is Ineffective Training

SecureWorld News

When we're talking security, we often overlook a basic fact of human beings: the best protection strategies won't work if no one is paying attention. Too many cybersecurity training programs are designed with lots of focus on the factual content of the training, but with minimal effort to engage people. Boring training is ineffective, so we need to fundamentally rethink our approach to awareness.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

AI and deepfakes: How to be AI-savvy

Webroot

From the apps on our smartphones to chatbot assistant services, artificial intelligence (AI) is transforming our lives in both big and small ways. But as exciting as AI can be, it’s also important to understand its potential risks. October is Cybersecurity Awareness Month, making it the perfect time to become more cyber-savvy about AI. Let’s dive in.

Governor Newsom Vetoes California's Landmark AI Regulation Bill

SecureWorld News

On Sunday, California Governor Gavin Newsom vetoed Senate Bill 1047, a bill that aimed to implement the most extensive AI regulations in the United States. The bill, seen as a model for national AI legislation, sought to establish sweeping oversight over the booming artificial intelligence industry in California. The veto sparked mixed reactions. AI advocates and tech companies welcomed the move, citing concerns that strict regulations could stifle innovation and competitiveness in California's

Staff Stories Spotlight Series: Cybersecurity Awareness Month 2024

NSTIC

This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month, called 'Staff Stories Spotlight.' Throughout the month of October this year, Q&A style blogs will be published featuring some of our unique staff members who have interesting backgrounds, stories to tell, and projects in the world of cybersecurity.

Why Is IT Forcing You to Patch Your Software? Understand the Importance of Patching

Heimdal Security

Most people today have at least some experience with patching. If you own a smartphone, you will be familiar with Android or iOS updates. Same goes with the apps on your phone. Whether you use banking, travel or social media apps, you’ll occasionally get notifications pushing you to update these tools. While patching is common, […]

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

The Hacker News

Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage.

Password Advice for the Rest of Us

Cisco Security

Passwords are a problem and it’s hard to make a good one. So what can you do? Make them long, make them random, and maybe use a password manager.

Passwords 106

Above the storms: How satellite tech can be a lifesaver during natural disasters

Zero Day

Hurricane Helene's devastation highlights a need for more people to have easier access to satellite messaging. Here are your options right now.

Cybersecurity Awareness Month needs a radical overhaul – it needs legislation

We Live Security

Despite their benefits, awareness campaigns alone are not enough to encourage widespread adoption of cybersecurity best practices.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.