Sun.Apr 14, 2024

article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking twice at RSA Conference 2024 in San Francisco. I’ll be on a panel on software liability on May 6, 2024 at 8:30 AM, and I’m giving a keynote on AI and democracy on May 7, 2024 at 2:25 PM. The list is maintained on this page.

Software 256
article thumbnail

Weekly Update 395

Troy Hunt

Data breach verification: that seems like a good place to start given the discussion in this week's video about Accor. Watch the vid for the whole thing but in summary, data allegedly taken from Accor was published to a popular hacking forum and the headlines inevitably followed. However, per that story: Cybernews couldn’t confirm the authenticity of the data.

Retail 238
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends

Lohrman on Security

Iowa’s Caitlin Clark clearly propelled NCAA women’s basketball viewership. But what do past numbers teach us about future expectations — in both basketball and cyber metrics?

180
180
article thumbnail

Critical PHP Vulnerabilities Patched: Update Immediately to Mitigate Attacks

Penetration Testing

The PHP development team has released urgent security patches for multiple vulnerabilities affecting versions 8.1.28, 8.2.18, and 8.3.6. These vulnerabilities, ranging from critical command injection flaws to potential account compromises, require immediate attention from... The post Critical PHP Vulnerabilities Patched: Update Immediately to Mitigate Attacks appeared first on Penetration Testing.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

U.S. and Australian police arrested Firebird RAT author and operator

Security Affairs

A joint investigation conducted by U.S. and Australian authorities led to the arrest of two key figures behind the Firebird RAT operation. A joint law enforcement operation conducted by the Australian Federal Police (AFP) and the FBI resulted in the arrest and charging of two individuals suspected of creating and selling the Firebird RAT, which was later renamed as Hive.

article thumbnail

Popular Text Editor Notepad++ Compromised in “WikiLoader” Malware Attack

Penetration Testing

A sophisticated malware campaign targeting the widely-used Notepad++ text editor has been uncovered by security researchers at AhnLab Security Emergency Response Center (ASEC). Dubbed “WikiLoader,” this attack demonstrates the alarming ingenuity of modern threat... The post Popular Text Editor Notepad++ Compromised in “WikiLoader” Malware Attack appeared first on Penetration Testing.

Malware 111

More Trending

article thumbnail

Espionage Campaign Returns: LightSpy Targets Southern Asia

Penetration Testing

The resurgence of the LightSpy mobile spyware campaign poses a renewed and alarming threat to individuals and organizations in Southern Asia, particularly those potentially connected to India. This sophisticated espionage toolkit, analyzed by the... The post Espionage Campaign Returns: LightSpy Targets Southern Asia appeared first on Penetration Testing.

article thumbnail

OpenTable won't add first names, photos to old reviews after backlash

Bleeping Computer

OpenTable has reversed its decision to show members' first names and profile pictures in past anonymous reviews after receiving backlash from members who felt it was a breach of privacy. [.

99
article thumbnail

Roku Experiences Second Data Breach Incident Affecting Over Half a Million Accounts

Penetration Testing

Streaming giant Roku has publicly acknowledged a second data breach incident impacting approximately 576,000 user accounts. This follows an initial breach in March 2024, compromising approximately 15,000 accounts. Credential Stuffing Remains the Prime Suspect... The post Roku Experiences Second Data Breach Incident Affecting Over Half a Million Accounts appeared first on Penetration Testing.

article thumbnail

Medium bans AI-generated content from its paid Partner Program

Bleeping Computer

Medium is banning AI-generated content from its paid Partner program, notifying users that the new policy goes into effect on May 1, 2024. [.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

PurpleLab: Revolutionizing Cybersecurity Testing with Speed and Simplicity

Penetration Testing

What is PurpleLab? This solution will allow you to easily deploy an entire lab to create/test your detection rules, simulate logs, play tests, download and run malware and mitre attack techniques, restore the sandbox,... The post PurpleLab: Revolutionizing Cybersecurity Testing with Speed and Simplicity appeared first on Penetration Testing.

article thumbnail

Linux Backdoor Infection Scare, Massive Social Security Number Heist

Security Boulevard

In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained commit access and inserted a backdoor. The episode further delves into a cybersecurity incident where hackers stole 340,000 social security numbers from a […] The post Linux Backdoor Infection Scare, Massive Social Security Number Heist appeared first on Shared Security Podcast.

article thumbnail

Canadian retail chain Giant Tiger data breach may have impacted millions of customers

Security Affairs

A threat actor claimed the hack of the Canadian retail chain Giant Tiger and leaked 2.8 million records on a hacker forum. A threat actor, who goes online with the moniker ShopifyGUY, claimed responsibility for hacking the Canadian retail chain Giant Tiger and leaked 2.8 million records on a hacker forum. Giant Tiger is a Canadian discount store chain that operates over 260 stores across Canada.

Retail 143
article thumbnail

Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends

Security Boulevard

Iowa’s Caitlin Clark clearly propelled NCAA women’s basketball viewership. But what do past numbers teach us about future expectations — in both basketball and cyber metrics? The post Deciphering Metrics: From NCAA Women’s Basketball to Cyber Trends appeared first on Security Boulevard.

64
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

USENIX Security ’23 – How to Bind Anonymous Credentials to Humans

Security Boulevard

Authors/Presenters: *Julia Hesse, Nitin Singh, Alessandro Sorniotti* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – How to Bind Anonymous Credentials to Humans appeared first on Security Boulevard.

article thumbnail

Scale Your Security with vCISO as a Service

Security Boulevard

Businesses of all sizes, from startups to established organizations, need robust cybersecurity measures to protect their data and infrastructure. However, building a best-in-class security program can be a challenge, especially for companies with limited resources or expertise. This is where […] The post Scale Your Security with vCISO as a Service appeared first on WeSecureApp :: Simplifying Enterprise Security.