Sat.Jul 01, 2023 - Fri.Jul 07, 2023

article thumbnail

Self-Driving Cars Are Surveillance Cameras on Wheels

Schneier on Security

Police are already using self-driving car footage as video evidence: While security cameras are commonplace in American cities, self-driving cars represent a new level of access for law enforcement ­ and a new method for encroachment on privacy, advocates say. Crisscrossing the city on their routes, self-driving cars capture a wider swath of footage.

article thumbnail

Who’s Behind the DomainNetworks Snail Mail Scam?

Krebs on Security

If you’ve ever owned a domain name, the chances are good that at some point you’ve received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don’t need, and probably will never receive.

Scams 266
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

News Alert: Nuvoton underscores its commitment to 8-bit MCU production sustainability

The Last Watchdog

Hsinchu, Taiwan – July 6, 2023 – Nuvoton Technology, one of the world’s leading suppliers of microcontrollers, has proudly launched its MUG51 8-bit MCU series of low power microcontrollers designed for battery-free devices. Nuvoton is committed to sustainable 8-bit MCU production and product longevity to ensure a reliable supply, giving customers the confidence to commit to long-term products, platforms, and projects.

article thumbnail

Weekly Update 354

Troy Hunt

I'm in Thailand! It's spectacular here, and even more so since recording this video and getting out of Bangkok and into the sorts of natural beauty you see in all the videos. Speaking of which, rather than writing more here (whilst metres away from the most amazing scenery), I'm going to push the publish button on this week's video and go enjoy it.

Software 231
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

The AI Dividend

Schneier on Security

For four decades, Alaskans have opened their mailboxes to find checks waiting for them, their cut of the black gold beneath their feet. This is Alaska’s Permanent Fund, funded by the state’s oil revenues and paid to every Alaskan each year. We’re now in a different sort of resource rush, with companies peddling bits instead of oil: generative AI.

article thumbnail

CL0P Ransomware Gang Attacks Top June Cyber Headlines

Lohrman on Security

The CL0P ransomware gang, reportedly based in Russia, has breached at least 122 organizations using MOVEit zero day exploits. Here’s what you need to know.

More Trending

article thumbnail

Weekly Update 355

Troy Hunt

Alrighty, "The Social Media" Without adding too much here as I think it's adequately covered in the video, since last week we've had another change at Twitter that has gotten some people cranky (rate limits) and another social media platform to jump onto (Threads). I do wonder how impactful the 1k tweet view limit per day is for most people (I have no idea how many I usually see, I just know I've never hit the limit yet), and as I say in the video, I find it increasingly h

Media 195
article thumbnail

Class-Action Lawsuit for Scraping Data without Permission

Schneier on Security

I have mixed feelings about this class-action lawsuit against OpenAI and Microsoft, claiming that it “scraped 300 billion words from the internet” without either registering as a data broker or obtaining consent. On the one hand, I want this to be a protected fair use of public data. On the other hand, I want us all to be compensated for our uniquely human ability to generate language.

Internet 245
article thumbnail

Snappy: A tool to detect rogue WiFi access points on open networks

Bleeping Computer

Cybersecurity researchers have released a new tool called 'Snappy' that can help detect fake or rogue WiFi access points that attempts to steal data from unsuspecting people. [.

article thumbnail

The Importance of Penetration Testing in Cloud Security

Tech Republic Security

Read about penetration testing in cloud security and its importance, details about how it's done and the most common threats to cloud security. The post The Importance of Penetration Testing in Cloud Security appeared first on TechRepublic.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Free Akira ransomware decryptor released for victims who wish to recover their data without paying extortionists

Graham Cluley

There's good news for any business that has fallen victim to the Akira ransomware. Security researchers have developed a free decryption tool for files that have been encrypted since the Akira ransomware first emerged in March 2023. Read more in my article on the Tripwire State of Security blog.

article thumbnail

Belgian Tax Hack

Schneier on Security

Here’s a fascinating tax hack from Belgium (listen to the details here , episode #484 of “No Such Thing as a Fish,” at 28:00). Basically, it’s about a music festival on the border between Belgium and Holland. The stage was in Holland, but the crowd was in Belgium. When the copyright collector came around, they argued that they didn’t have to pay any tax because the audience was in a different country.

Hacking 238
article thumbnail

Microsoft denies data breach, theft of 30 million customer accounts

Bleeping Computer

Microsoft has denied the claims of the so-called hacktivists "Anonymous Sudan" that they breached the company's servers and stole credentials for 30 million customer accounts. [.

article thumbnail

Is Quantum Computing Right for Your Business?

Tech Republic Security

Learn about the benefits and use cases of quantum computing. Also, get details about quantum cryptography from an expert. The post Is Quantum Computing Right for Your Business? appeared first on TechRepublic.

Software 176
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Microsoft Teams Exploit Tool Auto-Delivers Malware

Dark Reading

The "TeamsPhisher" cyberattack tool gives pentesters — and adversaries — a way to deliver malicious files directly to a Teams user from an external account, or tenant.

Malware 145
article thumbnail

The Password Game

Schneier on Security

Amusing parody of password rules. BoingBoing : For example, at a certain level, your password must include today’s Wordle answer. And then there’s rule #27: “At least 50% of your password must be in the Wingdings font.

Passwords 201
article thumbnail

300,000+ Fortinet firewalls vulnerable to critical FortiOS RCE bug

Bleeping Computer

Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [.

Firewall 142
article thumbnail

Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache

Tech Republic Security

Thales cloud security study shows that 79% of organizations have more than one cloud provider and 75% of companies said they store at least 40% of their sensitive data in the cloud. The post Thales: For Data Breaches, Cloud Assets are Biggest Cybersecurity Headache appeared first on TechRepublic.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Deepfaking it: What to know about deepfake?driven sextortion schemes

We Live Security

Criminals increasingly create deepfake nudes from people’s benign public photos in order to extort money from them, the FBI warns The post Deepfaking it: What to know about deepfake‑driven sextortion schemes appeared first on WeLiveSecurity

article thumbnail

How to Strengthen Cybersecurity in the Age of AI

Security Boulevard

To get ahead of the adversaries in this new AI age, cybersecurity research into new generative AI attacks and defenses must be further along. The post How to Strengthen Cybersecurity in the Age of AI appeared first on Security Boulevard.

article thumbnail

Apps with 1.5M installs on Google Play send your data to China

Bleeping Computer

Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality. [.

Mobile 141
article thumbnail

How to add the Docker Scout feature to the Docker CLI

Tech Republic Security

In this TechRepublic How to Make Tech Work tutorial, Jack Wallen shows you how to add the Docker Scout feature to the Docker CLI. The post How to add the Docker Scout feature to the Docker CLI appeared first on TechRepublic.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability

The Hacker News

Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.

126
126
article thumbnail

Email crypto phishing scams: stealing from hot and cold crypto wallets

SecureList

The higher the global popularity of cryptocurrencies and the more new ways of storing them, the wider the arsenal of tools used by malicious actors who are after digital money. Scammers tailor the complexity of technology they use and the thoroughness of their efforts to imitate legitimate websites to how well the target is protected and how large the amount is that they can steal if successful.

Scams 121
article thumbnail

Critical TootRoot bug lets attackers hijack Mastodon servers

Bleeping Computer

Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, including a critical one that allows hackers to create arbitrary files on instance-hosting servers using specially crafted media files. [.

Media 138
article thumbnail

Microsoft Edge cheat sheet

Tech Republic Security

Microsoft Edge is the default browser for Windows 10. This cheat sheet covers the basics of Microsoft Edge, including how to set up the browser and optimize and use key features. The post Microsoft Edge cheat sheet appeared first on TechRepublic.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Google Searches for 'USPS Package Tracking' Lead to Banking Theft

Dark Reading

Attackers are leveraging well-executed brand impersonation in a Google ads malvertising effort that collects both credit card and bank details from victims.

Banking 127
article thumbnail

SEC Sends Wells Notice to SolarWinds Executives

Security Boulevard

On June 23, 2023, SolarWinds revealed via an SEC Form 8-K filing that the U.S. Securities and Exchange Commission (SEC) notified the company that “certain current and former executive officers and employees of the company, including the company’s chief financial officer and chief information security officer,” had received Wells Notices. What is a Wells Notice, The post SEC Sends Wells Notice to SolarWinds Executives appeared first on Security Boulevard.

article thumbnail

Cisco warns of bug that lets attackers break traffic encryption

Bleeping Computer

Cisco warned customers today of a high-severity vulnerability impacting some data center switch models and allowing attackers to tamper with encrypted traffic. [.

article thumbnail

OpenAI Is Hiring Researchers to Wrangle ‘Superintelligent’ AI

Tech Republic Security

The AI giant predicts human-like machine intelligence could arrive within 10 years, so they want to be ready for it in four. The post OpenAI Is Hiring Researchers to Wrangle ‘Superintelligent’ AI appeared first on TechRepublic.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!