Mon. Nov 11, 2024


GUEST ESSAY: The promise and pitfalls of using augmented reality – ‘AR’ — in cybersecurity

The Last Watchdog

Augmented reality use cases have become prevalent in our society. The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world.


How to migrate from X to Bluesky without losing your followers

Zero Day

This extension lets you easily migrate your follows and block list from X (formerly Twitter) to Bluesky, but you need to act fast because its functionality may be short-lived. Here's why.


Tor Network Thwarts IP Spoofing Attack

Penetration Testing

A coordinated attack targeting the Tor network has been neutralized thanks to the swift action of the Tor community and security researchers. In late October, the Tor Project faced a... The post Tor Network Thwarts IP Spoofing Attack appeared first on Cybersecurity News.


News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

The Last Watchdog

Tel Aviv, Israel, Nov. 11, 2024, CyberNewswire — Sweet Security today announced the availability of its cloud-native detection and response platform on the Amazon Web Services (AWS) marketplace. Sweet’s solution unifies threat detection across cloud infrastructure, network, workloads, and applications. It provides deep runtime context that enables security teams to quickly extract actual attack narratives from a sea of isolated incidents.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

The Hacker News

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week.

Software 121

The AI Machine Gun of the Future Is Already Here

WIRED Threat Level

The Pentagon is pursuing every available option to keep US troops safe from the rising tide of adversary drones, including a robotic twist on its standard-issue small arms.


More Trending


GuLoader Campaign Targets European Industrial Sector with Evolving Evasion Techniques

Penetration Testing

Cado Security Labs has uncovered a targeted GuLoader malware campaign aimed at European industrial and engineering companies. This campaign leverages sophisticated evasion tactics to deliver Remote Access Trojans (RATs), specifically... The post GuLoader Campaign Targets European Industrial Sector with Evolving Evasion Techniques appeared first on Cybersecurity News.


THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

The Hacker News

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality.


Unpatched Epson Devices at Risk: CVE-2024-47295 Allows Easy Hijacking

Penetration Testing

A newly discovered security vulnerability, CVE-2024-47295, affecting multiple SEIKO EPSON products, could allow attackers to take control of devices with administrative privileges. This issue arises from an insecure initial password... The post Unpatched Epson Devices at Risk: CVE-2024-47295 Allows Easy Hijacking appeared first on Cybersecurity News.

Risk 96

A new fileless variant of Remcos RAT observed in the wild

Security Affairs

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Remcos is a commercial remote administration tool (RAT) that is sold online to allow buyers remote control over computers. Threat actors use Remcos to steal sensitive information and control victims’ computers for malicious activities.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


JavaScript Drive-By Attacks: New Exploits without 0-Day in Google Chrome

Penetration Testing

Ron Masas from Imperva Threat Research has uncovered a new way attackers can target Chrome users without relying on 0-day vulnerabilities. This approach leverages the File System Access API, which... The post JavaScript Drive-By Attacks: New Exploits without 0-Day in Google Chrome appeared first on Cybersecurity News.


Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.


HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

The Hacker News

Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10: AOS-10.4.x.x: 10.4.1.4 and below; Instant AOS-8.12.x.x: 8.12.0.2 and below; Instant AOS-8.10.x.


I changed 5 ChatGPT settings and instantly became more productive - here's how

Zero Day

Customizing your ChatGPT experience with these simple tips makes every future AI conversation so much more productive.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


The ROI of Security Investments: How Cybersecurity Leaders Prove It

The Hacker News

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.


CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised

Penetration Testing

TWCERT/CC has issued multiple security advisories for the D-Link DSL-6740C modem, revealing a range of severe vulnerabilities that could expose users to remote attacks. The modem, which is no longer... The post CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised appeared first on Cybersecurity News.


New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

The Hacker News

In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?

Malware 80

Ghostscript Update Patches Six Critical Vulnerabilities: Code Execution, Buffer Overflow, and Path Traversal Risks

Penetration Testing

Popular document rendering engine Ghostscript has released a critical security update addressing multiple vulnerabilities, some of which could lead to remote code execution. Ghostscript, a widely used interpreter for PostScript... The post Ghostscript Update Patches Six Critical Vulnerabilities: Code Execution, Buffer Overflow, and Path Traversal Risks appeared first on Cybersecurity News.

Risk 78

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Ubuntu Unity still has one of my favorite PC interfaces of all time

Zero Day

If you're looking for an efficient desktop, Unity is hard to beat, and there's an official spin ready to make your life a bit easier.


Dell Enterprise SONIC OS Patches Critical Security Vulnerabilities

Penetration Testing

Dell has released security updates for its Enterprise SONIC operating system to address multiple vulnerabilities, including critical ones that could allow attackers to compromise affected systems. The vulnerabilities, identified as... The post Dell Enterprise SONIC OS Patches Critical Security Vulnerabilities appeared first on Cybersecurity News.


This device proved to me that rugged smartphones can, in fact, have it all

Zero Day

This smartphone has a quad-core processor, a 20-day battery (on standby), and even a 100-megapixel camera!


VPNs and Clouds: New Tools in the APT Arsenal, ESET Warns

Penetration Testing

ESET’s latest APT Activity Report for April through September 2024 offers new insights into the evolving tactics, targets, and geographical reach of state-aligned Advanced Persistent Threat (APT) groups. The report... The post VPNs and Clouds: New Tools in the APT Arsenal, ESET Warns appeared first on Cybersecurity News.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


The Open Source AI: Understanding the New Standard

Security Boulevard

Open Source AI Definition 1.0 marks a milestone in transparent and ethical AI development by providing clear guidelines for truly open source AI, bringing the proven benefits of open-source to AI technology. The post The Open Source AI: Understanding the New Standard appeared first on Security Boulevard.


ChatGPT continues to dominate, but this Google AI tool is picking up steam fast

Zero Day

Though ChatGPT is enjoying the highest overall user growth among generative AI services, another AI tool has seen its traffic more than triple in recent weeks.


Trojan Malware Delivered via ZIP Concatenation: A New Threat to Windows Users

Penetration Testing

Cybercriminals are always looking for new ways to bypass security defenses, and the latest tactic, as reported by Perception Point, involves using ZIP concatenation to deliver Trojan malware to Windows... The post Trojan Malware Delivered via ZIP Concatenation: A New Threat to Windows Users appeared first on Cybersecurity News.

Malware 70

Want a programming job in 2024? Learning any language helps, but only one is essential

Zero Day

Every employment site agrees: Your dream programming job demands this language.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.


SEO Poisoning: Unmasking the Malware Networks Behind Fake E-Commerce

Penetration Testing

In a joint study with Japanese authorities and universities, Trend Micro has exposed a web of SEO malware families orchestrating fake e-commerce scams targeting Japanese users. The study highlights a... The post SEO Poisoning: Unmasking the Malware Networks Behind Fake E-Commerce appeared first on Cybersecurity News.

Malware 70

The best microSD cards of 2024: Expert tested

Zero Day

I went hands-on with the best microSD cards from SanDisk, Lexar, ProGrade, and more to help you pick the right storage option based on your recording needs.


DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103

Security Boulevard

Authors/Presenters: Michael Gorelik, Arnold Osipov. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. The post DEF CON 32 – Outlook Unleashing RCE Chaos CVE 2024 30103 appeared first on Security Boulevard.


How to apply for the grant scheme to improve SME cybersecurity

BH Consulting

Irish small and medium enterprises selling internationally can avail of a grant scheme to review and update their cybersecurity. The Cyber Security Review Grant scheme subsidises both the cost of an initial assessment and subsequent remediation plan. Here’s how the process works: companies taking part must be clients of Enterprise Ireland, the Government’s agency that supports Irish businesses to develop and grow.


Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.