How to prioritize effectively with threat modeling
Crisis? What Crisis! Webinar How does your security team prioritize work? When a new attack from a state actor hits...
Year: 2023
Multiple Global Car Brands Discovered to Have API Vulnerabilities
Connected cars are a way of life for millions, but that also means they provide additional attack vectors...
USENIX Security ’22 – Theresa Stadler, Bristena Oprisanu, Carmela Troncoso – ‘Synthetic Data – Anonymisation Groundhog Day’
Our thanks to USENIX for publishing their Presenter’s USENIX Security...
Why You Need Continuous Password Monitoring for True Protection
Some free password policy tools out there tout password protection without actively monitoring if user credentials become compromised...
Why These CAPTCHAs Don’t Work
Why These CAPTCHAs Just Don’t Work Over the past four years, I’ve been the lead technical artist here at Arkose Labs. It...
Data Security: Your Ultimate Duty to Your Online Customer
Retail business leaders deal with many risks that threaten their businesses' economic stability and viability. And while physical...
ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward
Learn how your organization can reduce cyber risks (as well as operational workload and...
Best Practices in Dependency Management: Cooking a Meal of Gourmet Code
Tesla “Solar Factory” Implicated in FSD Fraud: Workers Directed to Classify Images for Driving
Elon Musk launched the Tesla concept for chargers as solar powered. He promised...
Digital Trust Digest: This Week’s Must-Know News
The Digital Trust Digest is a curated overview of the week’s top cybersecurity news. Here's what happened the week of...
Step on It: What to Know About TISAX Compliance in the Automotive Market
The automotive industry is one of the largest in the world, with sales estimated...
Naked Security 33 1/3 – Cybersecurity predictions for 2023 and beyond
The problem with anniversaries is that there's an almost infinite number of them every day...
Inside a scammers’ lair: Ukraine busts 40 in fake bank call-centre raid
When someone calls you up to warn you that your bank account is under attack...
PyTorch: Machine Learning toolkit pwned from Christmas to New Year
The bad news: the crooks have your SSH private keys. The good news: only users of the...
S3 Ep116: Last straw for LastPass? Is crypto doomed? [Audio + Text]
Lots of big issues this week: breaches, encryption, supply chains and patching problems. Listen now!...
Serious Security: How to improve cryptography, resist supply chain attacks, and handle data breaches
Lessons for us all: improve cryptography, fight cybercrime, own your supply chain... and...
CircleCI – code-building service suffers total credential compromise
They're saying "rotate secrets"... in plain English, they mean "change your credentials". The company has a tool to help...
RSA crypto cracked? Or perhaps not!
Stand down from blue alert, it seems... but why not plan your cryptographic agility anyway?
Popular JWT cloud security library patches “remote” code execution hole
It's remotely triggerable, but attackers would already have pretty deep network access if they could "prime" your...
S3 Ep117: The crypto crisis that wasn’t (and farewell forever to Win 7) [Audio + Text]
Tell us in the comments... What's the REAL reason there was...
Microsoft Patch Tuesday: One 0-day; Win 7 and 8.1 get last-ever patches
Get 'em while they're hot. And get 'em for the very last time, if you...
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last...
Dridex Malware Now Attacking macOS Systems with Novel Infection Method
A variant of the infamous Dridex banking malware has set its sights on Apple's macOS operating system...
Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
Microsoft has shed light on four different ransomware families – KeRanger, FileCoder, MacRansom, and EvilQuest – that are...
Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
A South Africa-based threat actor known as Automated Libra has been observed employing CAPTCHA bypass techniques to...
Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by...