Troy Hunt
JUNE 30, 2024
Last week, I wrote about The State of Data Breaches and got loads of feedback. It was predominantly sympathetic to the position I find myself in running HIBP, and that post was mostly one of frustration: lack of disclosure, standoffish organisations, downplaying breaches and the individual breach victims themselves making it worse by going to town on the corporate victims.
Lohrman on Security
JUNE 30, 2024
I’m always looking for best practices and examples to share around government AI and cyber projects. Monty 2.0 is certainly praiseworthy and a GenAI project to watch and learn from.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Bleeping Computer
JUNE 30, 2024
Fake IT support sites promote malicious PowerShell "fixes" for common Windows errors, like the 0x80070643 error, to infect devices with information-stealing malware. [.
Security Affairs
JUNE 30, 2024
Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. TeamViewer discovered that a threat actor has breached its corporate network and some reports attribute the intrusion to the Russia-linked APT group APT29 (aka SVR group , BlueBravo , Cozy Bear , Nobelium , Midnight Blizzard , and The Dukes ).
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Bleeping Computer
JUNE 30, 2024
The popular open source project, 'ip' had its GitHub repository archived, or made "read-only" by its developer as a result of a dubious CVE report filed for his project. Unfortunately, open-source developers have recently been met with an uptick in debatable or outright bogus CVEs filed for their projects. [.
Security Affairs
JUNE 30, 2024
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Infosys McCamish Systems data breach impacted over 6 million people A cyberattack shut down the University Hospital Centre Zagreb in Croatia US announces a $10M reward for Russia’s GRU hacker behind attacks on Ukraine New P2Pinfect version delivers
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
JUNE 30, 2024
Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products. [.
Penetration Testing
JUNE 30, 2024
In a move towards greater transparency and security, Microsoft has announced a new practice of assigning Common Vulnerabilities and Exposures (CVE) numbers for significant vulnerabilities found and fixed within their cloud services. This shift... The post Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities appeared first on Cybersecurity News.
Bleeping Computer
JUNE 30, 2024
Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. [.
Penetration Testing
JUNE 30, 2024
Researchers at the University of California San Diego have published a groundbreaking paper detailing a new class of security vulnerabilities in Intel’s high-end CPUs. These vulnerabilities, dubbed “Indirector” attacks, exploit weaknesses in the chip’s... The post Indirector – High-Precision Branch Target Injection Attacks: A New Threat to Intel CPUs appeared first on Cybersecurity News.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
SecureBlitz
JUNE 30, 2024
In this post, I will address the future of manufacturing and talk about cutting-edge tech. Cutting-edge developments are about to trigger a technological revolution in the manufacturing sector. Innovations in artificial intelligence, 3D printing, robotics, quantum computing, and the Industrial Internet of Things are revolutionizing the design, manufacturing, and maintenance of products.
Penetration Testing
JUNE 30, 2024
A critical denial-of-service (DoS) vulnerability has been identified in media servers handling WebRTC’s DTLS-SRTP. This flaw, stemming from a race condition between ICE and DTLS traffic, can disrupt media sessions, threatening the availability of... The post Critical Vulnerability in WebRTC Media Servers Threatens Real-Time Communication appeared first on Cybersecurity News.
Security Boulevard
JUNE 30, 2024
Authors/Presenters:Athanasios Avgetidis, Omar Alrawi, Kevin Valakuzhy, Charles Lever, Paul Burbage, Angelos D. Keromytis, Fabian Monrose, Manos Antonakakis Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.
Penetration Testing
JUNE 30, 2024
A security researcher has released proof-of-concept (PoC) exploit code targeting a high-severity vulnerability (CVE-2024-0193) within the Linux kernel. This use-after-free flaw in the netfilter subsystem, scored 7.8 on the CVSS scale, can be exploited... The post PoC Exploit Published for Linux Kernel Privilege Escalation Flaw (CVE-2024-0193) appeared first on Cybersecurity News.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Boulevard
JUNE 30, 2024
I’m always looking for best practices and examples to share around government AI and cyber projects. Monty 2.0 is certainly praiseworthy and a GenAI project to watch and learn from. The post Montgomery County, Md.’s Chatbot Shows GenAI in Action appeared first on Security Boulevard.
Penetration Testing
JUNE 30, 2024
In a recent report, Unit 42 researchers have revealed a concerning trend: threat actors are increasingly exploiting publicly available Cobalt Strike profiles to mask their malicious activities and bypass security measures. Cobalt Strike, a... The post Attackers Leveraging Public Cobalt Strike Profiles to Evade Detection appeared first on Cybersecurity News.
Zero Day
JUNE 30, 2024
Gen AI opens up all kinds of opportunities to obtain sensitive data without even building malware.
Penetration Testing
JUNE 30, 2024
Security researchers at Trend Micro have uncovered a sophisticated campaign by the Water Sigbin threat actor, also known as the 8220 Gang, targeting Oracle WebLogic servers to deploy XMRig cryptocurrency miners. This group, primarily... The post Water Sigbin Threat Actor Targets Oracle WebLogic Servers to Deploy XMRig Cryptominer appeared first on Cybersecurity News.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Penetration Testing
JUNE 30, 2024
The Document Foundation, the organization behind the popular open-source office suite LibreOffice, has issued an urgent security advisory regarding a critical vulnerability (CVE-2024-5261) in its LibreOfficeKit component. This flaw could allow attackers to intercept... The post CVE-2024-5261 (CVSS 10): LibreOffice Patches Critical Vulnerability in LibreOfficeKit appeared first on Cybersecurity News.
Expert insights. Personalized for you.
231 
Let's personalize your content