Fri.Mar 15, 2024

article thumbnail

Improving C++

Schneier on Security

C++ guru Herb Sutter writes about how we can improve the programming language for better security. The immediate problem “is” that it’s Too Easy By Default™ to write security and safety vulnerabilities in C++ that would have been caught by stricter enforcement of known rules for type, bounds, initialization , and lifetime language safety.

Software 299
article thumbnail

5 Best VPNs for Travel in 2024 (Free & Paid VPNs)

Tech Republic Security

What’s the best VPN to use when traveling? Our in-depth guide helps you understand what to look for in a VPN and find the best solution for your needs.

VPN 186
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

attackgen: A cybersecurity incident response testing tool

Penetration Testing

AttackGen AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat... The post attackgen: A cybersecurity incident response testing tool appeared first on Penetration Testing.

article thumbnail

MFA vs 2FA: Which Is Best for Your Business?

Tech Republic Security

Learn the key differences between multi-factor authentication (MFA) and two-factor authentication (2FA) and find out which one is best for your business needs.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Third-Party ChatGPT Plugins Could Lead to Account Takeovers

The Hacker News

Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data.

article thumbnail

Sophos: Cyber Security Professional Burnout Is Widespread, Creating Risk for APAC Organisations

Tech Republic Security

Burnout and fatigue among cyber professionals are leading to flow-on consequences like more data breaches, employee apathy to cyber duties and turnover of cyber workforces during a skills crisis.

More Trending

article thumbnail

6 Best VPNs for Gaming in 2024

Tech Republic Security

Here are the top VPNs for gaming. They offer fast speeds, reliable connections and enhanced security to enhance your gaming experience.

VPN 149
article thumbnail

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

The Hacker News

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said.

145
145
article thumbnail

UK Defence Secretary jet hit by an electronic warfare attack in Poland

Security Affairs

Russian hackers have knocked down the GPS and communications of Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet with electronic warfare attack. Defence Secretary Grant Shapps RAF Dassault Falcon 900 jet flew from Poland, where he visited British troops in Steadfast Defender, to the UK. The UK defence chief confirmed the complete support of his country for Ukraine.

Hacking 141
article thumbnail

Former telecom manager admits to doing SIM swaps for $1,000

Bleeping Computer

A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. [.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Security Affairs

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. U.S. District Court sentenced the Moldovan national (31) Sandu Boris Diaconu to 42 months in federal prison for conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized access devices. Diaconu was operating the E-Root cybercrime marketplace.

article thumbnail

McDonald's IT systems outage impacts restaurants worldwide

Bleeping Computer

McDonald's restaurants are suffering global IT outages that prevent employees from taking orders and accepting payments, causing some stores to close for the day. [.

article thumbnail

Microsoft Preps AI-Based Copilot for Security for April 1 Release

Security Boulevard

Microsoft for more than a year has been infusing generative AI capabilities throughout much of its product and services portfolio – such as Microsoft 365 and Bing – through its Copilot initiative, an effort to help enterprise IT administrators, developers, and other users to get the benefits of the emerging technology in their work. Come. The post Microsoft Preps AI-Based Copilot for Security for April 1 Release appeared first on Security Boulevard.

article thumbnail

Shelter: ROP-based sleep obfuscation to evade memory scanners

Penetration Testing

Shelter Shelter is a completely weaponized sleep obfuscation technique that allows you to fully encrypt your in-memory payload making extensive use of ROP. This crate comes with the following characteristics: AES-128 encryption. Whole PE... The post Shelter: ROP-based sleep obfuscation to evade memory scanners appeared first on Penetration Testing.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

McDonald's: Global outage was caused by "configuration change"

Bleeping Computer

McDonald's has blamed a third-party service provider's configuration change, not a cyberattack, for the global outage that forced many of its fast-food restaurants to close. [.

article thumbnail

French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry

Security Boulevard

La grande cybermalveillance: French government’s employment agency loses control of citizens’ data after biggest breach in Gallic history. The post French Gov. Leaks 43 Million People’s Data — ‘France Travail’ Says Sorry appeared first on Security Boulevard.

article thumbnail

Ransomware’s appetite for US healthcare sees known attacks double in a year

Malwarebytes

Following the February 21 attack on Change Healthcare , scores of people in the US have been living with the brutal, real-world effects of ransomware. Described by the American Hospital Association (AHA) President and CEO Rick Pollack as “the most significant and consequential incident of its kind against the US health care system in history,” the attack has stopped billions of dollars in payments flowing between doctors, hospitals, pharmacies and insurers.

article thumbnail

Sinking Section 702 Wiretap Program Offered One Last Lifeboat

WIRED Threat Level

For months, US lawmakers have examined every side of a historic surveillance debate. With the introduction of the SAFE Act, all that's left to do now is vote.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Top 10 Cybersecurity Assessment Companies in 2024

Security Boulevard

The world of cybersecurity is a constant battle against evolving threats. In 2024, several companies are standing out for their innovative solutions in different security domains. This year, the cybersecurity market is expected to grow by $300 billion by 2024. Utilizing cyber security assessments is crucial for maintaining the security of assets, and this blog […] The post Top 10 Cybersecurity Assessment Companies in 2024 appeared first on Kratikal Blogs.

article thumbnail

ShadowSyndicate Ransomware Gang Targets aiohttp CVE-2024-23334 Flaw: Patch Now!

Penetration Testing

A recently patched vulnerability in the popular Python web framework aiohttp has swiftly landed on the radar of notorious ransomware operators, according to a report from Cyble Global Sensor Intelligence (CGSI). The flaw, tracked... The post ShadowSyndicate Ransomware Gang Targets aiohttp CVE-2024-23334 Flaw: Patch Now! appeared first on Penetration Testing.

article thumbnail

Think CEOs Are Not Liable for Cyber Risk….Think Again

Security Boulevard

The Cybersecurity and Infrastructure Security Agency (CISA) recently released its new Secure Software Development Attestation Form. The announcement indicates an ongoing trend placing the cybersecurity onus on software vendors and their organization’s leadership, specifically their CEOs. This mandate is much more than a compliance checkbox. It’s a call to CEOs to foster a security culture […] The post Think CEOs Are Not Liable for Cyber Risk….Think Again appeared first on OX Security.

article thumbnail

linWinPwn: Swiss-Army knife for Active Directory Pentesting using Linux

Penetration Testing

linWinPwn linWinPwn is a bash script that wraps many Active Directory tools for enumeration (LDAP, RPC, ADCS, MSSQL, Kerberos), vulnerability checks (noPac, ZeroLogon, MS17-010, MS14-068), object modifications (password change, add user to a group,... The post linWinPwn: Swiss-Army knife for Active Directory Pentesting using Linux appeared first on Penetration Testing.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

From foodie to firewall: Kyser Clark's rise to senior penetration tester

Hack the Box

When Kyser started his career in food production, he didn’t know he’d end up working as a senior penetration tester! Learn all about his cybersecurity career journey.

Firewall 111
article thumbnail

FBI IC3 Report Highlights BEC, Ransomware

Digital Shadows

Get insights from the FBI's Internet Crime Report and our research, learn cybercrime trends' impact, and how to protect your organization.

article thumbnail

Microsoft announces Office LTSC 2024 preview starting next month

Bleeping Computer

Microsoft announced that Office LTSC 2024, the next Office LTSC release, will enter a commercial preview phase starting next month and will be generally available later this year. [.

110
110
article thumbnail

HackerGPT 2.0 Unveils New AI Cyber Defense Strategies

eSecurity Planet

HackerGPT, first launched in 2023, is a ChatGPT-powered tool that merges AI technology with cybersecurity-focused expertise. Now, with the beta release of HackerGPT 2.0 in February 2024, it serves as an extensive repository of hacking tools and techniques to actively assist users in managing complex cybersecurity protection strategies. It uses advanced natural language processing to provide insights into both offensive and defensive cyber activities.

Mobile 110
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

International Monetary Fund email accounts hacked in cyberattack

Bleeping Computer

The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. [.

article thumbnail

Crypto Phishing Kit Impersonating Login Pages: Stay Informed

Security Boulevard

In the ever-evolving landscape of cybersecurity, a fresh menace has emerged, targeting crypto enthusiasts through a sophisticated phishing kit. This crypto phishing kit, part of an elaborate attack scheme dubbed CryptoChameleon, is strategically engineered to focus on mobile devices, raising concerns about the security of cryptocurrency services. Learning how to avoid crypto phishing is crucial […] The post Crypto Phishing Kit Impersonating Login Pages: Stay Informed appeared first on TuxCare.

Phishing 105
article thumbnail

Scareware scam: Restoro and Reimage fined $26 million by FTC

Graham Cluley

Two firms have been fined $26 million by the US Federal Trade Commission (FTC) for scaring consumers into believing their computers were infected by malware. Read more in my article on the Hot for Security blog.

Scams 103
article thumbnail

Strengthening Trust in Your Brand With Better Communication and Monitoring

Security Boulevard

Brand impersonation and suboptimal experiences can diminish or eliminate your customers’ trust, especially if they lose money to fraud. The post Strengthening Trust in Your Brand With Better Communication and Monitoring appeared first on Security Boulevard.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.