- + VU#138043: A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server—Overview A stack-based overflow vulnerability exists in the tinydhcp...
- + VU#455367: Insecure Platform Key (PK) used in UEFI system firmware signature—Overview A vulnerability in the user of hard-coded Platform Keys (PK...
- + VU#244112: Multiple SMTP services are susceptible to spoofing attacks due to insufficient enforcement—Overview Multiple hosted, outbound SMTP servers are vulnerable to em...
- + VU#312260: Use-after-free vulnerability in lighttpd version 1.4.50 and earlier—Overview A use-after-free vulnerability in lighttpd in versions 1.4....
- + VU#456537: RADIUS protocol susceptible to forgery attacks.—Overview A vulnerability in the RADIUS protocol allows an attacker a...
- + VU#163057: BMC software fails to validate IPMI session.—Overview The Intelligent Platform Management Interface (IPMI) implem...
- + VU#238194: R Programming Language implementations are vulnerable to arbitrary code execution during deserialization of .rds and .rdx files—Overview A vulnerability in the R language that allows for arbitrary...
- + VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models—Overview Lambda Layers in third party TensorFlow-based Keras models ...
- + VU#123335: Multiple programming languages fail to escape arguments properly in Microsoft Windows—Overview Various programming languages lack proper validation mechan...
- show more ...
As of 10/5/24 11:49pm. Last new 9/30/24 8:59pm. Score: 639
- + Election offices are preparing for a smooth voting process — and angry voters—html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org...
- + Former Mesa County clerk sentenced to 9 years for 2020 voting system breach—Former Mesa County clerk sentenced to 9 years for 2020 voting system b...
- + What’s new from this year’s Counter Ransomware Initiative summit, and what’s next—What’s new from this year’s Counter Ransomware Initiative summit, and ...
- + DOJ, Microsoft seize more than 100 domains used by the FSB—html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org...
- + Research reveals vulnerabilities in routers that left 700,000-plus exposed—Research reveals vulnerabilities in routers that left 700,000-plus exp...
- + Russian authorities arrest nearly 100 in raids tied to cybercriminal money laundering—Russian authorities arrest nearly 100 in raids tied to cybercriminal m...
- + America’s allies are shifting: Cyberspace is about persistence, not deterrence—America’s allies are shifting: Cyberspace is about persistence, not de...
- show more ...
As of 10/5/24 11:19pm. Last new 10/3/24 4:39pm. Score: 582
- + ISC StormCast for Friday, October 4th, 2024—Kickstart Your DShield Honeypot https://isc.sans.edu/diary/Kickstar...
- + ISC StormCast for Thursday, October 3rd, 2024—Security Related Docker Containers https://isc.sans.edu/diary/Secur...
- show more ...
As of 10/5/24 11:20pm. Last new 10/4/24 2:02am. Score: 536
- + CISA Adds One Known Exploited Vulnerability to Catalog—CISA has added one new vulnerability to its Known Exploited Vuln...
- + Russian Military Cyber Actors Target US and Global Critical Infrastructure—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + #StopRansomware: RansomHub Ransomware—Summary Note: This joint Cybersecurity Advisory is part of an on...
- + Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs—Summary The U.S. Federal Bureau of Investigation (FBI) and the foll...
- + CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth—EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructur...
- + People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action —Overview Background This advisory, authored by the Australian Sig...
- + #StopRansomware: Black Basta—SUMMARY Note : This joint Cybersecurity Advisory (CSA) is part of...
- + #StopRansomware: Akira Ransomware—SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of...
- + Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways—SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA)...
As of 10/5/24 11:20pm. Last new 9/30/24 11:35pm. Score: 529
- + Friday Squid Blogging: Map of All Colossal Squid Sightings—Interesting map , from this paper . Blog moderation policy. [Aut...
- + Weird Zimbra Vulnerability—Hackers can execute commands on a remote computer by sending malforme...
- + California AI Safety Bill Vetoed—Governor Newsom has vetoed the state’s AI safety bill. I ha...
- + Hacking ChatGPT by Planting False Memories into Its Data—This vulnerability hacks a feature that allows ChatGPT to have long-te...
- + Friday Squid Blogging: Squid Game Season Two Teaser—The teaser for Squid Game Season Two dropped. Blog moderation ...
- + Clever Social Engineering Attack Using Captchas—This is really interesting. It’s a phishing attack targeting...
- + FBI Shuts Down Chinese Botnet—The FBI has shut down a botnet run by Chinese hackers: The botne...
- + AI and the 2024 US Elections—For years now, AI has undermined the public’s ability to trust w...
- + Squid Fishing in Japan—Fishermen are catching more squid as other fish are depleted. Bl...
- + NIST Recommends Some Common-Sense Password Rules—NIST’s second draft of its “ SP 800-63-4 “—its...
- show more ...
As of 10/5/24 11:29pm. Last new 10/4/24 6:20pm. Score: 507
- + Friday Squid Blogging: Map of All Colossal Squid Sightings—Interesting map , from this paper . Blog moderation policy. [Aut...
- + Weird Zimbra Vulnerability—Hackers can execute commands on a remote computer by sending malforme...
- + California AI Safety Bill Vetoed—Governor Newsom has vetoed the state’s AI safety bill. I ha...
- + Hacking ChatGPT by Planting False Memories into Its Data—This vulnerability hacks a feature that allows ChatGPT to have long-te...
- + Friday Squid Blogging: Squid Game Season Two Teaser—The teaser for Squid Game Season Two dropped. Blog moderation ...
- + Clever Social Engineering Attack Using Captchas—This is really interesting. It’s a phishing attack targeting...
- + FBI Shuts Down Chinese Botnet—The FBI has shut down a botnet run by Chinese hackers: The botne...
- + AI and the 2024 US Elections—For years now, AI has undermined the public’s ability to trust w...
- + Squid Fishing in Japan—Fishermen are catching more squid as other fish are depleted. Bl...
- + NIST Recommends Some Common-Sense Password Rules—NIST’s second draft of its “ SP 800-63-4 “—its...
- show more ...
As of 10/5/24 11:29pm. Last new 10/4/24 8:08pm. Score: 476
- + CISA Adds One Known Exploited Vulnerability to Catalog—CISA has added one new vulnerability to its Known Exploited Vuln...
- + Russian Military Cyber Actors Target US and Global Critical Infrastructure—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + #StopRansomware: RansomHub Ransomware—Summary Note: This joint Cybersecurity Advisory is part of an on...
- + Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations—Summary The Federal Bureau of Investigation (FBI), Cybersecurity an...
- + North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs—Summary The U.S. Federal Bureau of Investigation (FBI) and the foll...
- + CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth—EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructur...
- + People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action —Overview Background This advisory, authored by the Australian Sig...
- + #StopRansomware: Black Basta—SUMMARY Note : This joint Cybersecurity Advisory (CSA) is part of...
- + #StopRansomware: Akira Ransomware—SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of...
- show more ...
As of 10/5/24 11:29pm. Last new 9/30/24 8:55pm. Score: 460
- + Pixel's Proactive Approach to Security: Addressing Vulnerabilities in Cellular Modems—Posted by Sherk Chung, Stephan Chen, Pixel team, and Roger Piqueras Jo...
- + Evaluating Mitigations & Vulnerabilities in Chrome—Posted by Alex Gough, Chrome Security Team The Chrome Security Tea...
- + A new path for Kyber on the web—Posted by David Adrian, David Benjamin, Bob Beck & Devon O'Brien, ...
- + Deploying Rust in Existing Firmware Codebases—Posted by Ivan Lozano and Dominik Maier, Android Team Android's use...
- + Private AI For All: Our End-To-End Approach to AI Privacy on Android—Posted by Dave Kleidermacher, VP Engineering, Android Security and Pri...
- + Post-Quantum Cryptography: Standards and Progress—Posted by Royal Hansen, VP, Privacy, Safety and Security Engineering, ...
- + Keeping your Android device safe from text message fraud—Posted by Nataliya Stanetsky and Roger Piqueras Jover, Android Securit...
- + Improving the security of Chrome cookies on Windows—Posted by Will Harris, Chrome Security Team Cybercriminals using c...
- + Building security into the redesigned Chrome downloads experience—Posted by Jasika Bawa, Lily Chen, and Daniel Rubery, Chrome Security ...
- + Sustaining Digital Certificate Security - Entrust Certificate Distrust—Posted by Chrome Root Program, Chrome Security Team Update (09/1...
- show more ...
As of 10/5/24 11:29pm. Last new 10/3/24 1:03pm. Score: 459
- + MAR-10448362-1.v1 Volt Typhoon—Notification This report is provided "as is" for informational pur...
- + MAR-10478915-1.v1 Citrix Bleed— Notification This report is provided "as...
- + MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors — Notification This report is provided "...
- + MAR-10430311-1.v1 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475— Notification This report is provided "as...
- + Infamous Chisel Malware Analysis Report—Infamous Chisel–A collection of components associated with Sandworm de...
- + MAR-10459736.r1.v1 WHIRLPOOL Backdoor— Notification This report is provided "...
- + MAR-10454006.r4.v2 SEASPY and WHIRLPOOL Backdoors— Notification This report is provided "as is" f...
- + MAR-10454006-r3.v1 Exploit Payload Backdoor — Notification This report is provided "as...
- + MAR-10454006-r2.v1 SEASPY Backdoor — Notification This report is provided "as...
- + MAR-10454006-r1.v2 SUBMARINE Backdoor— Notification This report is provided "as is" ...
As of 10/5/24 11:29pm. Last new 10/1/24 12:24am. Score: 450
- + CISA is warning us (again) about the threat to critical infrastructure networks—Government-run water systems and other critical infrastructure are sti...
- + Threat actor believed to be spreading new MedusaLocker variant since 2022—Cisco Talos has discovered a financially motivated threat actor, activ...
- + Are hardware supply chain attacks “cyber attacks?”—The recent attacks in the Middle East triggering explosions on pag...
- + Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam—Attackers are abusing normal features of legitimate web sites to trans...
- + Talos discovers denial-of-service vulnerability in Microsoft Audio Bus; Potential remote code execution in popular open-source PLC—Cisco Talos’ Vulnerability Research team recently disclosed two...
- + Talk of election security is good, but we still need more money to solve the problem—Last week, six Secretaries of State testified to U.S. Congress about...
- + We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders—I have written about the dreaded “cybersecurity skills gap...
- + Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API—Cisco Talos’ Vulnerability Research team discovered two vulnera...
- + Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score—Microsoft disclosed four vulnerabilities that are actively being ...
- + DragonRank, a Chinese-speaking SEO manipulator service provider—Key Takeaways Cisco Talos is disclosing a new threat called ...
- show more ...
As of 10/5/24 11:29pm. Last new 10/3/24 5:33pm. Score: 449
- + Zeek 6.0.8—Zeek is a powerful network analysis framework that is much different f...
- + ABB Cylon Aspect 3.07.02 Authenticated File Disclosure—ABB Cylon Aspect version 3.07.02 suffers from an authenticated arbitra...
- + Debian Security Advisory 5784-1—Debian Linux Security Advisory 5784-1 - Fabian Vogt reported that the ...
- + Debian Security Advisory 5783-1—Debian Linux Security Advisory 5783-1 - Multiple security issues have ...
- + TeamViewer Privilege Escalation—Proof of concept code for a flaw in TeamViewer that enables an unprivi...
- + Ubuntu Security Notice USN-7053-1—Ubuntu Security Notice 7053-1 - It was discovered that ImageMagick inc...
- + Debian Security Advisory 5782-1—Debian Linux Security Advisory 5782-1 - Several vulnerabilities have b...
- + Ubuntu Security Notice USN-7055-1—Ubuntu Security Notice 7055-1 - Goldberg, Miro Haller, Nadia Heninger,...
- + MD-Pro 1.0.76 Shell Upload / SQL Injection—MD-Pro version 1.0.76 suffers from remote SQL injection and shell uplo...
- + Computer Laboratory Management System 2024 1.0 Cross Site Scripting—Computer Laboratory Management System 2024 version 1.0 suffers from a ...
- show more ...
As of 10/5/24 11:30pm. Last new 10/4/24 8:19pm. Score: 446
- + Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability—Apple has released iOS and iPadOS updates to address two security issu...
- + U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown—Microsoft and the U.S. Department of Justice (DoJ) on Thursday announc...
- + How to Get Going with CTEM When You Don't Know Where to Start—Continuous Threat Exposure Management (CTEM) is a strategic framework ...
- + Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors—Cloudflare has disclosed that it mitigated a record-breaking distribut...
- + WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks—A new high-severity security flaw has been disclosed in the LiteSpeed ...
- + Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks—Google has revealed the various security guardrails that have been inc...
- + The Secret Weakness Execs Are Overlooking: Non-Human Identities—For years, securing a company’s systems was synonymous with securing i...
- + New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking—Linux servers are the target of an ongoing campaign that delivers a st...
- + North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks—Threat actors with ties to North Korea have been observed delivering a...
- + INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa—INTERPOL has announced the arrest of eight individuals in Côte d'Ivoir...
- show more ...
As of 10/5/24 11:30pm. Last new 10/5/24 3:35am. Score: 432
- + Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN—Palo Alto Networks is the only vendor recognized as a Leader in Single...
- + A Leader in 2024 Forrester Enterprise Firewall Solutions Wave—As businesses adopt AI and face increasingly advanced threats, organiz...
- + The Top 5 Largest Scale Intrusions in 2023—What Powered Them? Large-scale cyber intrusions increased during 202...
- + Palo Alto Networks Prevents Data Loss at Enterprise Scale with NVIDIA—The rapid adoption of generative AI (GenAI) applications is driving a ...
- + Unit 42 Incident Response Retainers Enhance Organizational Resilience—Cyberattacks have increased in speed, scale and sophistication in the ...
- + A Leader in the 2024 Gartner Magic Quadrant for EPP—For Cortex XDR, Palo Alto Networks is Recognized as a Leader Once Agai...
- + Forrester Names Palo Alto Networks a Leader in Attack Surface Management—Cortex Xpanse is recognized with the top vendor score in the strategy ...
- + The Hidden AI Risk Lurking In Your Business—Today, there are thousands of Generative AI (GenAI) tools available on...
- + Using Time in Your Favor During a Ransomware Attack—Slow-Playing the Attackers When you face extortion, there are battle...
- + Crush It, Don’t Get Crushed — Combat SOC Analyst Burnout with AI—Anyone who works in cybersecurity knows that it’s full of rewards and ...
- show more ...
As of 10/5/24 11:30pm. Last new 10/4/24 8:34pm. Score: 421
- + How To Scan a Website for Vulnerabilities: Top Tools and Techniques—Knowing how to scan a website for vulnerabilities can help keep you pr...
- + How Veeam Helped New Orleans Fight Ransomware—When faced with a ransomware attack, organizations and government agen...
- + Cohesity and Microsoft Tag Team To Improve Data Protection—Cohesity and Microsoft recently announced they have expanded their par...
- + NVIDIA CSO David Reber on AI and Cybersecurity—I spoke with David Reber, CSO of Nvidia , about how the modern cybers...
- + IBM’s Vision for Security in the Quantum Era—Enterprise technology solutions are predicated on the knowledge that l...
- + DigiCert Rolls Out Trust Lifecycle Manager—DigiCert this week launched a comprehensive digital trust solution t...
- + Tech Predictions for 2023: AI, Cloud, Edge, Cybersecurity, and More—So you think you can predict the course of technology in the year ahea...
- + Cynet’s George Tubin on XDR Cybersecurity—I spoke with George Tubin, Director of Product Strategy at Cynet , ab...
- + Understanding the Business Costs of Phishing Attacks—Phishing attacks—where hackers try to collect personal information usi...
- + Sophos CTO Joe Levy on AI in Cybersecurity—I spoke with Joe Levy, CTO at Sophos , about the challenges and poten...
As of 10/5/24 11:30pm. Last new 10/1/24 12:39am. Score: 421
- + GeoServer RCE Attack—A remote code execution vulnerability affecting GeoServer is under act...
- + Russian Cyber Espionage Attack—FortiGuard Labs continues to observe attack attempts exploiting the vu...
- + Jenkins RCE Attack—Cyber threat actors target Jenkins Arbitrary File Read vulnerability (...
- + ServiceNow Remote Code Execution Attack—FortiGuard Labs continue to observe attack attempts targeting the rece...
- + Apache OFBiz RCE Attack—FortiGuard Labs continues to observe attack attempts targeting the rec...
- + Ivanti Connect Secure and Policy Secure Attack—Widespread exploitation of zero-day vulnerabilities affecting Ivanti C...
- + PHP RCE Attack—FortiGuard Labs has observed significant level of exploitation attempt...
- + Check Point Quantum Security Gateways Information Disclosure Attack—Attackers exploit a zero-day vulnerability affecting Check Point Secur...
- + D-Link Multiple Devices Attack—Multiple D-link device vulnerabilities are being actively targeted. Ma...
- + Black Basta Ransomware—A new alert from CISA, the FBI, the Department of Health and Human Ser...
As of 10/5/24 11:31pm. Last new 10/1/24 12:41am. Score: 409
- + MITRE Adds Mitigations to EMB3D Threat Model—MITRE has expanded the EMB3D Threat Model with essential mitigations t...
- + US, Allies Release Guidance on Securing OT Environments—New guidance provides information on how to create and maintain a secu...
- + Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI—Multiple Python packages referencing dependencies containing cryptocur...
- + Harmonic Raises $17.5M to Defend Against AI Data Harvesting—Harmonic has raised a total of $26 million to develop a new approach ...
- + Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps—Cloudflare recently mitigated another record-breaking DDoS attack, pea...
- + After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks—Over 58,000 internet-exposed CUPS hosts can be abused for significant ...
- + Critical Zimbra Vulnerability Exploited One Day After PoC Release—A critical-severity vulnerability in Zimbra has been exploited in the ...
- + T-Mobile to Pay Millions to Settle With FCC Over Data Breaches—T-Mobile has agreed to invest $15.75 million in cybersecurity and pay ...
- + More LockBit Hackers Arrested, Unmasked as Law Enforcement Seizes Servers—Previously seized LockBit websites have been used to announce more arr...
- + North Korea Hackers Linked to Breach of German Missile Manufacturer—The targeting of Diehl Defence is significant because the company spec...
- show more ...
As of 10/5/24 11:31pm. Last new 10/2/24 2:31pm. Score: 398
- + 45% of cybersecurity leaders are stressed about budget restraints—The stress of cybersecurity professionals was analyzed in a report fin...
- + CISA releases threat response guide for K-12 schools—The CISA has released a new resource to assist K-12 schools establish ...
- + 10% of IT professionals have zero visibility measures—A report found that 44% of IT security professionals rely on manual lo...
- + 90% of U.S. companies admit to using AI in some capacity—The use of artificial intelligence (AI) by information technology (IT)...
- + 58% of organizations have experienced document-based identity fraud —Survey data shows a significant rise in the prevalence of video deepfa...
- + Recognizing National Cybersecurity Awareness Month in 2024—During National Cybersecurity Awareness Month, cybersecurity experts a...
- + Facebook retains consumer data for 180 days post account deletion—A study found that Meta (Facebook, Instagram and Facebook Messenger), ...
- + 60% of vulnerabilities were leveraged against Microsoft Exchange—A recent threat report reveals that a minimum of 14 million patients i...
- + 75% of organizations say phishing poses the greatest AI risk—Chief Information Security Officer (CISO) concerns over artificial int...
- + Ransomware affected 44% of U.S. companies—In 2024, ransomware attacks affected 44% of U.S. companies, with 43% o...
- show more ...
As of 10/5/24 11:34pm. Last new 10/4/24 9:24am. Score: 396
- + Crime Is Down, FBI Says, but Politicians Still Choose Statistics to Fit Their Narratives—10/5/24 ...
- + In 2019, Congress Finally Funded Gun Violence Research. Here’s How It’s Changed the Field—10/5/24 ...
- + Taiwan Mobilizes Civil society to Bolster Civil Defense—10/5/24 ...
- + Research Sheds Light on Impact and Bias of Voter Purging in Michigan—10/5/24 ...
- + Fact-Checking the Viral Conspiracies in the Wake of Hurricane Helene—10/5/24 ...
- + Some Online Conspiracy-Spreaders Don’t Even Believe the Lies They’re Spewing—10/5/24 ...
- + Hurricanes Linked to Higher Death Rates Long After Storms Pass—10/5/24 ...
- + Counties Call for Rural Groundwater Management Despite Some Voters Rejecting It—10/5/24 ...
- + Why Trump Is Lying About Disaster Relief | U.S. Migration Is More Complex Than Politics Show | Florida Communities Hit by 3 Hurricanes Grapple with Whether to Rebuild, and more—10/5/24 ...
- + The Mother of All Security Crises | The Lessons and Legacy of October 7 | Austria’s Far Right Did Not Win, and more—10/5/24 ...
- show more ...
As of 10/5/24 11:32pm. Last new 10/5/24 11:32pm. Score: 394
- + 100+ domains seized to stymie Russian Star Blizzard hackers—Microsoft and the US Justice Department have seized over 100 domains u...
- + October 2024 Patch Tuesday forecast: Recall can be recalled—October arrived, and Microsoft started the month by announcing the rel...
- + Best practices for implementing threat exposure management, reducing cyber risk exposure—In this Help Net Security interview, Sanaz Yashar, CEO at Zafran, disc...
- + MaLDAPtive: Open-source framework for LDAP SearchFilter parsing, obfuscation, and more!—MaLDAPtive is an open-source framework for LDAP SearchFilter parsing, ...
- + Cybercriminals capitalize on poorly configured cloud environments—Off-the-shelf offensive security tools and poorly configured cloud env...
- + New infosec products of the week: October 4, 2024—Here’s a look at the most interesting products from the past week, fea...
- + Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)—CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivan...
- + Malwarebytes Browser Guard updates block unwanted and unsafe content—Malwarebytes released new features for Browser Guard, its free browser...
- + Darktrace brings real-time cloud detection and response to Microsoft Azure customers—Darktrace announced the expansion of Darktrace / CLOUD to support Micr...
- + CUPS vulnerabilities could be abused for DDoS attacks—While the Common UNIX Printing System (CUPS) vulnerabilities recently ...
- show more ...
As of 10/5/24 11:35pm. Last new 10/5/24 9:17am. Score: 393
- + Popular NFT Marketplace Phished for $540M—In March, a North Korean APT siphoned blockchain gaming platform Axie ...
- + ‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps—Scammers are bypassing Apple's App Store security, stealing thousands ...
- + Free HermeticRansom Ransomware Decryptor Released—Cruddy cryptography means victims whose files have been encrypted by t...
- + Cybercriminals Target Alibaba Cloud for Cryptomining, Malware—Malicious groups disable features in Alibaba Cloud ECS instances for M...
- + Google Ads for Faux Cryptowallets Net Scammers At Least $500K—Malicious Phantom, MetaMask cryptowallets are on the prowl to drain vi...
- + Squid Game Crypto Scammers Rip Off Investors for Millions—Anti-dumping code kept investors from selling SQUID while fraudsters c...
- + OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances—Cybercriminals exploited bugs in the world's largest digital-goods mar...
- + Oops! Compound DeFi Platform Gives Out $90M, Would Like it Back, Please—The Compound cryptocurrency exchange accidentally botched a platform u...
- + Financial Cybercrime: Following Cryptocurrency via Public Ledgers—John Hammond, security researcher with Huntress, discusses a wallet-hi...
- + WhatsApp’s End-to-End Encryption Isn’t Actually Broken—WhatsApp’s moderators sent messages flagged by intended recipients. Re...
As of 10/5/24 11:39pm. Last new 10/1/24 12:15am. Score: 369
- + Technical Language Processing Community of Interest 2024 Meeting—Join Us for the 2024 TLP COI Meeting and Workshop The Technical Langua...
- + Additive Construction – The Path to Standardization II—The National Institute of Standards and Technology (NIST) Engineering ...
- + 2024 NIST-NSF Disaster Resilience Research Symposium—In cooperation with the National Science Foundation, the Engineering L...
- + Upcoming ANSI Brainstorming Session for Critical and Emerging Technologies: Enabling Automated and Connected Infrastructure Through Public-Private Partnerships—American National Standards Institute (ANSI) is hosting two separate b...
- + NIST Participates in White House Summit on Standards for Critical and Emerging Technology—A new Implementation Roadmap provides recommendations and actions for ...
- + Upcoming ANSI Brainstorming Session for Critical and Emerging Technologies: Enabling Artificial Intelligence and Machine Learning Through Public-Private Partnerships—American National Standards Institute (ANSI) is hosting two separate b...
- + An RM for Measuring Cannabinoids and Toxic Elements in Hemp—The Hemp Plant reference material (RM 8210) provides values for cannab...
- + SIM Approval of the NIST Office of Reference Materials Quality Management System—The NIST Office of Reference Materials implements a quality management...
- + IEEE 1451.0 - 2024 Standard Published Under Leadership of NIST Researchers—NIST researchers Eugene Song and Kang Lee chaired and led the developm...
- + Hawaii MEP Tours the CTL Operational Technology Cybersecurity Laboratory—NIST researchers from the Communications Technology Laboratory's Smart...
- show more ...
As of 10/5/24 11:39pm. Last new 9/30/24 9:24pm. Score: 327
- + Safeguarding Health Information: Building Assurance through HIPAA Security 2024—The Department of Health and Human Services (HHS) Office for Civil Rig...
- + Workshop on Whole Community Public Safety and Resilience in Smart Cities—The Smart Connected Systems Division of NIST is launching a research p...
- + Additive Construction – The Path to Standardization II—The National Institute of Standards and Technology (NIST) Engineering ...
- + Applicant’s Webinar: Inside the 2024 Presidential Cybersecurity Education Award Application—Speakers: Kristi Rice Teacher Spotsylvania High School 2021 Presidenti...
- + Hawaii MEP Tours the CTL Operational Technology Cybersecurity Laboratory—NIST researchers from the Communications Technology Laboratory's Smart...
- + NIST Workshop on the Requirements for an Accordion Cipher Mode 2024—FULL WORKSHOP DETAILS NIST will host a workshop on the development of ...
- + 2024 Iris Experts Group (IEG) Meeting—The Iris Experts Group (IEG) will hold their annual meeting on Thursda...
- + NICE Webinar: Empowering Refugee Communities in Cybersecurity Roles—The presentation slides are available here. Download the Continuing Ed...
- + NIST Launches Collaborative Research Effort on Digital Identity to Support Secure Delivery of Public Benefits—The collaboration aims to support secure, equitable access to vital pu...
- + NIST Publishes Automated Vehicles Workshop Report—NIST held a virtual workshop in September 2023 on Standards and Perfor...
- show more ...
As of 10/5/24 11:40pm. Last new 9/30/24 11:37pm. Score: 305
- + OISF 2023 Videos—OISF 2023 Videos These are the videos from the OISF Anniversary Ev...
- + OISF 2022—OISF 2022 These are the videos from the OISF Anniversary Event . ...
- + Brian Rea (DeviantOllam Deviant) and Lesley Carhart (Hacks4Pancakes) continue their harassment of me—Please notice I left these people alone for a long period of time and ...
- + OSInt, Doxing And Cyberstalking Page Updated—Link: http://www.irongeek.com/i.php?page=security/doxing-footprinting...
- + OISF 2021 Videos—OISF 2021 Videos These are the videos from the OISF Anniversary E...
- + BSides Cleveland 2021 Videos—BSides Cleveland 2021 Videos These are the videos from the Bsides ...
- + Who's Your Hacker —Who's Your Hacker Con Webinar Series Who's Your Hacker Con is putting...
- + BSides Tampa 2020 Videos —Link: http://www.irongeek.com/i.php?page=videos/bsidestampa2020/mainl...
- + Louisville Infosec 2019 Videos—Link: http://www.irongeek.com/i.php?page=videos/louisvilleinfosec2019...
- + BSidesCT 2019 Video —Link: http://www.irongeek.com/i.php?page=videos/bsidesct2019/mainlist...
- show more ...
As of 10/5/24 11:36pm. Last new 9/30/24 11:47pm. Score: 299
- + Windows Essentials - Microsoft Support—Windows Essentials reached end of support on January 10, 2017 and is n...
- + Windows XP support has ended - Microsoft Support—Get end of support information for Windows XP and find out what you ne...
- + Unlock your Windows 10 phone remotely - Microsoft Support—Unlock your Windows 10 phone remotely
- + Get the Windows 10 Mobile Fall Creators Update - Microsoft Support—Windows 10 Mobile automatically downloads and installs updates when th...
- + Copy music and videos to your phone - Microsoft Support—Copy music and videos to your phone
- + How Windows 10 is similar to Windows 7 - Microsoft Support—Find out how Windows 10 is similar to Windows 7 to make your move from...
- + Skylake systems supported on Windows 7 and Windows 8.1 - Microsoft Support—Find a list of computer manufacturers who have certified systems with ...
- + Defragment / optimize your data drives in Windows - Microsoft Support—Learn how to use Manage and Optimize Drives to keep your disk and data...
- + Update your security processor (TPM) firmware - Microsoft Support—Learn how to update your security processor or TPM firmware to protect...
- + Protecting your device against chip-related security vulnerabilities - Microsoft Support—Find out what steps you can take to protect your device against the re...
- show more ...
As of 10/5/24 11:49pm. Last new 10/5/24 3:17am. Score: 196