Troy Hunt

MAY 19, 2024

This is the 400th time I've sat down in front of the camera and done one of these videos. Every single week since the 23rd of September in 2016 regardless of location, health, stress and all sorts of other crazy things that have gone on in my life for nearly the last 8 years now, I've done a video. As with so many of the things I create, these are as much for me as they are for you; doing these videos every week has given me a regular cadence amidst some pretty crazy times.

Data breaches 233

Data breaches 233

Lohrman on Security

MAY 19, 2024

The dramatic growth in GenAI and AI adoption is bringing increased demand for energy to power data centers. Where is this heading? How can we navigate a sustainable energy future with exploding technology usage?

Technology 217

Technology 217

Penetration Testing

MAY 19, 2024

Security researcher Amal Murali recently published the technical details and proof-of-concept (PoC) for critical remote code execution (RCE) vulnerability in Git, tracked as CVE-2024-32002 (CVSS 9.1). This vulnerability could be exploited during the routine... The post Critical Git Vulnerability CVE-2024-32002: Researcher Unveils RCE Exploit with PoC appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing 145

Bleeping Computer

MAY 19, 2024

The American Radio Relay League (ARRL) warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World. [.

134

134

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Penetration Testing

MAY 19, 2024

A proof-of-concept (PoC) exploit code for a recently patched zero-day CVE-2024-4947 vulnerability in Google Chrome has surfaced, making it crucial for users to immediately update their browsers to the latest versions. Last week, Google... The post PoC Exploit Published for Chrome 0-day CVE-2024-4947 Vulnerability appeared first on Penetration Testing.

Penetration Testing 141

Penetration Testing 141

Bleeping Computer

MAY 19, 2024

Since Google enabled its AI-powered search feature, many people have tried and failed to disable the often incorrect AI Overviews feature in regular search results. However, there are ways to turn it off using a new "Web" search mode, which we explain in this article. [.

Artificial Intelligence 131

Artificial Intelligence Technology 131

The Hacker News

MAY 19, 2024

The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January.

Banking 126

Banking Phishing Malware 126

Security Affairs

MAY 19, 2024

WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S.

Data breaches 137

Data breaches Healthcare Insurance Identity Theft 137

The Hacker News

MAY 19, 2024

The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively.

Scams 121

Scams 121

Security Affairs

MAY 19, 2024

A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. Operators behind the Grandoreiro banking trojan have resumed operations following a law enforcement takedown in January.

Banking 133

Banking Malware Antivirus Accountability 133

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Bleeping Computer

MAY 19, 2024

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three security vulnerabilities to its 'Known Exploited Vulnerabilities' catalog, one impacting Google Chrome and two affecting some D-Link routers. [.

Cybersecurity 117

Cybersecurity 117

The Hacker News

MAY 19, 2024

Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. "These campaigns typically involve a recognizable infection chain involving oversized JavaScript files that utilize WMI's ability to invoke msiexec.

Phishing 119

Phishing Malware Cybersecurity 119

Security Affairs

MAY 19, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked IT workers infiltrated hundreds of US firms Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs City of Wichita disclosed a data breach after the recent ransomware attack CISA adds D-Link DIR ro

Artificial Intelligence 119

Artificial Intelligence Data breaches Ransomware Hacking 119

Tech Republic Security

MAY 19, 2024

Antivirus software is critical to ensure information security of organizational networks and resources. By establishing an antivirus policy, organizations can quickly identify and address malware and virus threats, as well as detect and appropriately respond to incidents. The purpose of this Antivirus Policy, written by Madeline Clarke for TechRepublic Premium, is to provide guidelines for.

Antivirus 88

Antivirus Information Security Malware Software 88

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Penetration Testing

MAY 19, 2024

Grav, a popular open-source content management system (CMS) known for its speed and flexibility, has a critical security flaw that could expose websites to malicious account takeovers and unauthorized access to sensitive files. The... The post CVE-2024-34082: Grav CMS Vulnerability Opens Door to Account Takeovers appeared first on Penetration Testing.

Accountability 77

Accountability Penetration Testing 77

Security Boulevard

MAY 19, 2024

In episode 330 Tom, Scott, and Kevin discuss the new features for iPhones and Android phones designed to warn users about secret trackers, possibly aiding in identifying stalkers. The hosts discuss Apple and Google’s collaboration on a technology called DOLT (Detecting Unwanted Location Trackers), aiming to improve user privacy by detecting Bluetooth trackers like Tiles […] The post New Tracker Warning Features on iPhones & Androids, 2024 Verizon Data Breach Investigations Report appeared fi

Data breaches 64

Data breaches Technology Social Engineering Data privacy 64

Penetration Testing

MAY 19, 2024

A recent analysis by S-RM, a global cybersecurity consultancy, has shed light on the escalating sophistication of the Akira ransomware group. The group, known for targeting small and medium-sized businesses, has adopted a novel... The post Akira Ransomware Now Uses APT-Style Tactics to Breach Corporate Networks appeared first on Penetration Testing.

Penetration Testing 68

Penetration Testing Ransomware Cybersecurity Backups 68

Security Boulevard

MAY 19, 2024

We're thrilled to announce that Scytale will support ISO 42001, the cornerstone framework for AI compliance standards. The post Scytale to Support ISO 42001, Ensuring Companies Sail Smoothly into AI Compliance appeared first on Scytale. The post Scytale to Support ISO 42001, Ensuring Companies Sail Smoothly into AI Compliance appeared first on Security Boulevard.

59

59

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Penetration Testing

MAY 19, 2024

Symantec’s Threat Hunter Team has revealed a concerning development in the cyber espionage landscape: the North Korean state-sponsored group Springtail (also known as Kimsuky) has added a new Linux backdoor, dubbed Gomir, to its... The post North Korean Espionage Group Springtail Unveils New Linux Backdoor in Escalating Cyber Campaign appeared first on Penetration Testing.

Penetration Testing 65

Penetration Testing Malware 65

Security Boulevard

MAY 19, 2024

Authors/Presenters: Deepak Sirone Jegan, Liang Wang, Siddhant Bhagat, Michael Swift Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.

Network Security 59

Network Security 59

Penetration Testing

MAY 19, 2024

Cybersecurity researchers at Elastic Security Labs have issued a warning about the increasing prominence of LATRODECTUS, a malware loader exhibiting concerning similarities to the notorious ICEDID family. Their comprehensive analysis reveals a surge in... The post LATRODECTUS Malware Loader: Threat Poised to Replace ICEDID appeared first on Penetration Testing.

Malware 55

Malware Penetration Testing Cybersecurity 55

Security Boulevard

MAY 19, 2024

The dramatic growth in GenAI and AI adoption is bringing increased demand for energy to power data centers. Where is this heading? How can we navigate a sustainable energy future with exploding technology usage? The post AI’s Energy Appetite: Challenges for Our Future Electricity Supply appeared first on Security Boulevard.

Technology 49

Technology 49

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Penetration Testing

MAY 19, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new tactic employed by the notorious ViperSoftX malware. The latest analysis reveals that attackers are now utilizing Tesseract, an open-source Optical Character Recognition (OCR) engine, to... The post ViperSoftX Leverages Deep Learning with Tesseract to Exfiltrate Sensitive Information appeared first on Penetration Testing.

Penetration Testing 47

Penetration Testing Security Intelligence Engineering Malware 47