Sat. Nov 16, 2024


Weekly Update 426

Troy Hunt

I have absolutely no problem at all talking about the code I've screwed up. Perhaps that's partly because after 3 decades of writing software (and doing some meaningful stuff along the way), I'm not particularly concerned about showing my weaknesses. And this week, I screwed up a bunch of stuff; database queries that weren't resilient to SQL database scale changes, partially completed breach notifications I didn't notice until it was too late to easily fix, and some quer

Software 218

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

Palo Alto Networks confirmed active exploitation of a zero-day in its PAN-OS firewall and released new indicators of compromise (IoCs). Last week, Palo Alto Networks warned customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability (CVSSv4.0 Base Score: 9.3) in PAN-OS. The cybersecurity company had no further details on the vulnerability and was not aware of the active exploitation of the flaw.

Firewall 133

PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released

The Hacker News

Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a new zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild.

Firewall 143

CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver

Penetration Testing

A high-severity vulnerability in WP Time Capsule, a popular WordPress backup plugin, has left over 20,000 websites vulnerable to complete takeover. Discovered by security researcher Rein Daelman, the flaw (CVE-2024-8856)... The post CVE-2024-8856: WP Time Capsule Plugin Vulnerability Exposes 20,000+ Sites to TakeOver appeared first on Cybersecurity News.

Backups 109

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


NSO Group used WhatsApp exploits even after Meta-owned company sued it

Security Affairs

Court filing revealed that NSO Group used WhatsApp exploits after the instant messaging firm sued the surveillance company. NSO Group developed malware that relied on WhatsApp exploits to infect target individuals even after the Meta-owned instant messaging company sued the surveillance firm. “As a threshold matter, NSO admits that it developed and sold the spyware described in the Complaint, and that NSO’s spyware—specifically its zero-click installation vector called “Eden,” which was pa

Spyware 125

Bitfinex Hacker Gets 5 Years for $10 Billion Bitcoin Heist

WIRED Threat Level

Plus: An “AI granny” is wasting scammers’ time, a lawsuit goes after spyware-maker NSO Group’s executives, and North Korea–linked hackers take a crack at macOS malware.

Spyware 120

More Trending


CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs

Penetration Testing

A vulnerability in the popular workflow management platform Apache Airflow could inadvertently expose sensitive configuration data, potentially compromising system security. The flaw, tracked as CVE-2024-45784 and assigned a CVSS score... The post CVE-2024-45784: Apache Airflow Vulnerability Exposes Sensitive Data in Logs appeared first on Cybersecurity News.


This ultra-portable power station gives you AC power on the move (and now get $60 in this Black Friday deal)

Zero Day

Bigger than a power bank, smaller than a power station, this is the perfect choice for those wanting AC power when out and about.

Banking 98

Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers

Penetration Testing

Perception Point’s latest findings have uncovered an advanced two-step phishing technique exploiting Microsoft Visio files (.vsdx) and SharePoint to launch highly deceptive credential theft campaigns. Traditionally used for professional diagrams... The post Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers appeared first on Cybersecurity News.


One of the best noise-canceling earbuds I've tested isn't made by Sony or Apple

Zero Day

The latest Bose QuietComfort Earbuds boast powerful noise cancellation, a 30-hour battery life, and remarkable audio output.

97

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Cyber Crisis Management Plan: Shield for Brand Reputation

Security Boulevard

Despite advances in security technology, cybersecurity attacks and data breaches are increasingly common as attackers keep discovering new vulnerabilities and infiltration methods. Organizations now understand that a cyberattack or data breach is often inevitable—it’s typically a question of when, not if. The positive side is that cybersecurity crisis management plans can help businesses prepare effectively […] The post Cyber Crisis Management Plan: Shield for Brand Reputation appeared first on


This ultra-thin power bank is a must-have travel gadget (grab it cheap in this Black Friday deal)

Zero Day

The Auskang 5,000mAh power bank is only about as thick as a few credit cards, but it has enough power to reliably charge your smartphone or other USB-C device.

Banking 97

Hacking Kia: Remotely Controlling Cars with Just a License Plate

Hacker's King

As vehicles become smarter and more connected, the risk of cyberattacks increases. A concerning vulnerability has been discovered in Kia cars, where hackers could potentially gain remote control of a vehicle using just its license plate number. This issue highlights a growing security threat in the automotive industry as more cars incorporate telematics, keyless entry, and remote-start features.

Hacking 52

My favorite DeWalt cordless drill and impact driver set is 46% off for Black Friday

Zero Day

Save $80 on this brilliant DeWalt power tool kit -- perfect for DIY beginners and tradespeople.

97

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


DEF CON 32 – Sudos And Sudon’ts: Peering Inside Sudo For Windows

Security Boulevard

Authors/Presenters: Michael Torres. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization's YouTube channel. The post DEF CON 32 – Sudos And Sudon’ts: Peering Inside Sudo For Windows appeared first on Security Boulevard.


The best Lenovo laptops of 2024: Expert tested and reviewed

Zero Day

Lenovo is well known for making innovative, reliable devices. But with an extensive catalog of products, it can be hard to find the right one. Here are the best Lenovo laptops we've tested.

85

A botnet exploits a GeoVision zero-day to compromise EoL devices

Security Affairs

A botnet employed in DDoS or cryptomining attacks is exploiting a zero-day in end-of-life GeoVision devices to grow. Researchers at the Shadowserver Foundation observed a botnet exploiting a zero-day in GeoVision EOL (end-of-life) devices to compromise devices in the wild. The GeoVision zero-day, tracked as CVE-2024-11120 (CVSS 9.8), is a pre-auth command injection vulnerability that was discovered by Shadowserver Foundation and verified with the help of TWCERT.

DDOS 136

The best mini PCs of 2024: Expert recommended

Zero Day

We tested and researched the best mini PCs from Intel, Apple, and more that pack strong computing features into a small package.

85

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Grab Microsoft Visual Studio Pro for $28 - the lowest price yet

Zero Day

Code faster and work smarter with a Microsoft Visual Studio Professional 2022 license, now on sale for 94% off.

81

One of the most versatile power stations I've tested is now 50% off for Black Friday

Zero Day

The Bluetti AC180 delivers up to 1800W of output, with 11 ports for ultimate flexibility.

75

Give your iPhone 16 thermal camera superpowers with this gadget (get 23% off in this Black Friday deal)

Zero Day

Apple won't add a thermal camera to the iPhone, but now you can!

75

Join BJ's Wholesale Club for just $20 ahead of the holidays

Zero Day

Get an annual BJ's Wholesale Club membership for 63% off right now to save on groceries, gas, household items, and more.

75

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


My everyday Anker power bank has a genius feature that makes it irreplaceable and it's up to 25% off for Black Friday

Zero Day

The fast USB-C charging is great, but the cable's layout makes the Anker Nano Power Bank a mainstay in my everyday carry. And it's currently on sale for $32 on Amazon.

Banking 75

Buy a Sam's Club membership for just $25 right now - here's how

Zero Day

This deal gets you an annual Sam's Club membership for 50% off, so you can save even more ahead of the holidays.

75

This 5-in-1 charging station replaced several desk accessories for me (and it's on sale)

Zero Day

The Baseus Nomos 5-in-1 charging station is a desktop powerhouse that is perfect for use at home or on the go. Just look at it!

75

I highly recommend this 12-in-1 electric screwdriver, and it's on sale at Amazon for Black Friday

Zero Day

This top-rated electric screwdriver has served me well for over a year. And you can buy the Hoto Rechargeable Electric Screwdriver for $42 on Amazon.

75

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


The Jackery Explorer 1000 V2 is one of the best entry-level portable power stations (and it's now half price for Black Friday)

Zero Day

This Jackery portable power station is a fantastic entry-level model for camping and RV trips, or for emergencies and power outages.

75

You can still buy a 50-inch Hisense 4K TV for $138 at Walmart - here's how the deal works

Zero Day

The Hisense 50-inch Class R6 Series 4K TV is a top seller at Walmart for good reason: it's currently selling for nearly 50% off.

74

This Bluetti power station is ideal for road-tripping - and now it's 37% off for Black Friday

Zero Day

The Bluetti AC70 is portable and delivers enough power for your basic energy-intensive devices.

74

This power station has an irreplaceable emergency feature (and now get $350 off for Black Friday)

Zero Day

The Vtoman FlashSpeed 1500 is a portable power station with tons of power and thoughtful design. Its fast-charging feature is one of the best I've seen.

52

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.