India’s Digital Personal Data Protection Bill: What works, what it lacks
A new draft of India’s data protection bill is set to be debated in Parliament, but...
Day: January 13, 2023
Introducing IPyIDA: A Python plugin for your reverse‑engineering toolkit
ESET Research announces IPyIDA 2.0, a Python plugin integrating IPython and Jupyter Notebook into IDA.
Intel boosts VM security, guards against stack attacks in new Xeon release
Intel today announced the rollout of the fourth generation of its Xeon family of server...
Data leak exposes information of 10,000 French social security beneficiaries
[Editor's note: This article originally appeared on the Le Monde Informatique website.] More than 10,000 beneficiaries of...
Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams
Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot...
Cybercriminals bypass Windows security with driver-vulnerability exploit
The Scattered Spider cybercrime group has recently been observed attempting to deploy a malicious kernel driver using a tactic called...
Cybersecurity spending and economic headwinds in 2023
Now that everyone, their brother, sister, and dog have chimed in on cybersecurity predictions for 2023, here are a few...
CloudSek launches free security tool that helps users win bug bounty
Cybersecurity firm CloudSek has launched BeVigil, a tool that can tell users how safe the apps...
How to prioritize effectively with threat modeling
Crisis? What Crisis! Webinar How does your security team prioritize work? When a new attack from a state actor hits...
Multiple Global Car Brands Discovered to Have API Vulnerabilities
Connected cars are a way of life for millions, but that also means they provide additional attack vectors...
USENIX Security ’22 – Theresa Stadler, Bristena Oprisanu, Carmela Troncoso – ‘Synthetic Data – Anonymisation Groundhog Day’
Our thanks to USENIX for publishing their Presenter’s USENIX Security...
Why You Need Continuous Password Monitoring for True Protection
Some free password policy tools out there tout password protection without actively monitoring if user credentials become compromised...
Why These CAPTCHAs Don’t Work
Over the past four years, I’ve been the lead technical artist here at Arkose Labs. It...
Data Security: Your Ultimate Duty to Your Online Customer
Retail business leaders deal with many risks that threaten their businesses' economic stability and viability. And while physical...
ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward
Learn how your organization can reduce cyber risks (as well as operational workload and...
Best Practices in Dependency Management: Cooking a Meal of Gourmet Code
Tesla “Solar Factory” Implicated in FSD Fraud: Workers Directed to Classify Images for Driving
Elon Musk launched the Tesla concept for chargers as solar powered. He promised...
Digital Trust Digest: This Week’s Must-Know News
The Digital Trust Digest is a curated overview of the week’s top cybersecurity news. Here's what happened the week of...
Step on It: What to Know About TISAX Compliance in the Automotive Market
The automotive industry is one of the largest in the world, with sales estimated...
Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond
The problem with anniversaries is that there's an almost infinite number of them every day...
Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid
When someone calls you up to warn you that your bank account is under attack...
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
The bad news: the crooks have your SSH private keys. The good news: only users of the...
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and...
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now!...
RSA crypto cracked? Or perhaps not!
Stand down from blue alert, it seems... but why not plan your cryptographic agility anyway?
CircleCI – code-building service suffers total credential compromise
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help...
Popular JWT cloud security library patches “remote” code execution hole
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your...
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
Get 'em while they're hot. And get 'em for the very last time, if you...
S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]
Tell us in the comments... What's the REAL reason there was...
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last...