Sat.Jul 01, 2023 - Fri.Jul 07, 2023

article thumbnail

Self-Driving Cars Are Surveillance Cameras on Wheels

Schneier on Security

Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement ­ and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage.

article thumbnail

Who’s Behind the DomainNetworks Snail Mail Scam?

Krebs on Security

If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.

Scams 276
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

News Alert: Nuvoton underscores its commitment to 8-bit MCU production sustainability

The Last Watchdog

Hsinchu, Taiwan – July 6, 2023 – Nuvoton Technology, one of the world’s leading suppliers of microcontrollers, has proudly launched its MUG51 8-bit MCU series of low power microcontrollers designed for battery-free devices. Nuvoton is committed to sustainable 8-bit MCU production and product longevity to ensure a reliable supply, giving customers the confidence to commit to long-term products, platforms, and projects.

article thumbnail

Weekly Update 354

Troy Hunt

I'm in Thailand! It's spectacular here, and even more so since recording this video and getting out of Bangkok and into the sorts of natural beauty you see in all the videos. Speaking of which, rather than writing more here (whilst metres away from the most amazing scenery), I'm going to push the publish button on this week's video and go enjoy it.

Software 244
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

The AI Dividend

Schneier on Security

For four decades, Alaskans have opened their mailboxes to find checks waiting for them, their cut of the black gold beneath their feet. This is Alaska’s Permanent Fund, funded by the state’s oil revenues and paid to every Alaskan each year. We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI.

article thumbnail

New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers

Tech Republic Security

Learn how the Meduza Stealer malware works, what it targets and how to protect your company from this cybersecurity threat. The post New Malware Targets 97 Browser Variants, 76 Crypto Wallets & 19 Password Managers appeared first on TechRepublic.

More Trending

article thumbnail

Weekly Update 355

Troy Hunt

Alrighty, "The Social Media" Without adding too much here as I think it's adequately covered in the video, since last week we've had another change at Twitter that has gotten some people cranky (rate limits) and another social media platform to jump onto (Threads). I do wonder how impactful the 1k tweet view limit per day is for most people (I have no idea how many I usually see, I just know I've never hit the limit yet), and as I say in the video, I find it increasingly h

Media 202
article thumbnail

Class-Action Lawsuit for Scraping Data without Permission

Schneier on Security

I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it “scraped 300 billion words from the internet” without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other hand, I want us all to be compensated for our uniquely human ability to generate language.

Internet 264
article thumbnail

The Importance of Penetration Testing in Cloud Security

Tech Republic Security

Read about penetration testing in cloud security and its importance, details about how it's done and the most common threats to cloud security. The post The Importance of Penetration Testing in Cloud Security appeared first on TechRepublic.

article thumbnail

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. The Remote Code Execution vulnerability permits unauthorized attackers to access the server, enabling perpetrators to infiltrate sensitive corporate assets and block ongoing business-critical services including the central server, database serve

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Microsoft Teams Exploit Tool Auto-Delivers Malware

Dark Reading

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

Malware 145
article thumbnail

Belgian Tax Hack

Schneier on Security

Here’s a fascinating tax hack from Belgium (listen to the details here , episode #484 of “No Such Thing as a Fish,” at 28:00). Basically, it’s about a music festival on the border between Belgium and Holland. The stage was in Holland, but the crowd was in Belgium. When the copyright collector came around, they argued that they didn’t have to pay any tax because the audience was in a different country.

Hacking 259
article thumbnail

Is Quantum Computing Right for Your Business?

Tech Republic Security

Learn about the benefits and use cases of quantum computing. Also, get details about quantum cryptography from an expert. The post Is Quantum Computing Right for Your Business? appeared first on TechRepublic.

Software 196
article thumbnail

Snappy: A tool to detect rogue WiFi access points on open networks

Bleeping Computer

Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that attempts to steal data from unsuspecting people. [.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability

The Hacker News

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.

144
144
article thumbnail

The Password Game

Schneier on Security

Amusing parody of password rules. BoingBoing : For example, at a certain level, your password must include today’s Wordle answer. And then there’s rule #27: “At least 50% of your password must be in the Wingdings font.

Passwords 216
article thumbnail

Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache

Tech Republic Security

Thales cloud security study shows that 79% of organizations have more than one cloud provider and 75% of companies said they store at least 40% of their sensitive data in the cloud. The post Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache appeared first on TechRepublic.

article thumbnail

Cisco warns of bug that lets attackers break traffic encryption

Bleeping Computer

Cisco warned customers today of a high-severity vulnerability impacting some data center switch models and allowing attackers to tamper with encrypted traffic. [.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Hacker News

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint said in a new report.

Malware 141
article thumbnail

Free Akira ransomware decryptor released for victims who wish to recover their data without paying extortionists

Graham Cluley

There's good news for any business that has fallen victim to the Akira ransomware. Security researchers have developed a free decryption tool for files that have been encrypted since the Akira ransomware first emerged in March 2023. Read more in my article on the Tripwire State of Security blog.

article thumbnail

How to add the Docker Scout feature to the Docker CLI

Tech Republic Security

In this TechRepublic How to Make Tech Work tutorial, Jack Wallen shows you how to add the Docker Scout feature to the Docker CLI. The post How to add the Docker Scout feature to the Docker CLI appeared first on TechRepublic.

article thumbnail

300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

Bleeping Computer

Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [.

Firewall 142
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Email crypto phishing scams: stealing from hot and cold crypto wallets

SecureList

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. Scammers tailor the complexity of technology they use and the thoroughness of their efforts to imitate legitimate websites to how well the target is protected and how large the amount is that they can steal if successful.

Scams 137
article thumbnail

Deepfaking it: What to know about deepfake?driven sextortion schemes

We Live Security

Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The post Deepfaking it: What to know about deepfake‑driven sextortion schemes appeared first on WeLiveSecurity

article thumbnail

Microsoft Edge cheat sheet

Tech Republic Security

Microsoft Edge is the default browser for Windows 10. This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and optimize and use key features. The post Microsoft Edge cheat sheet appeared first on TechRepublic.

article thumbnail

Apps with 1.5M installs on Google Play send your data to China

Bleeping Computer

Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality. [.

Mobile 141
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Firefox 115 is out, says farewell to older Windows and Mac users

Naked Security

No zero-days this month, so you’re patching to stay ahead, not merely to catch up!

135
135
article thumbnail

Shell Becomes Latest Cl0p MOVEit Victim

Dark Reading

In another MOVEit attack, oil and gas giant Shell saw the release of the private information of its employees.

134
134
article thumbnail

OpenAI Is Hiring Researchers to Wrangle ‘Superintelligent’ AI

Tech Republic Security

The AI giant predicts human-like machine intelligence could arrive within 10 years, so they want to be ready for it in four. The post OpenAI Is Hiring Researchers to Wrangle ‘Superintelligent’ AI appeared first on TechRepublic.

article thumbnail

Microsoft denies data breach, theft of 30 million customer accounts

Bleeping Computer

Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts. [.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!