A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug…
Erstmals Quanten-Teleportation über normales Glasfaserkabel gelungen
Erstmals ist eine Quanten-Teleportation über ein Glasfaserkabel gelungen, das zeitgleich für normalen Internetverkehr genutzt wurde – ein entscheidender Schritt in Richtung sichere Quantenkommunikation. Bisher galt das als unmöglich. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen Sie den…
IT Security News Hourly Summary 2024-12-28 03h : 1 posts
1 posts were published in the last hour 1:9 : Cyber firm’s Chrome extension hijacked to steal user passwords
Cyber firm’s Chrome extension hijacked to steal user passwords
The data-loss startup says it was targeted as part of a “wider campaign to target Chrome extension developers.” © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the…
Week in Review: Microsoft deactivation flaw, BeyondTrust on KEV, LLM generated malware
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, CISO in Residence Thanks to our show sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you…
IT Security News Hourly Summary 2024-12-28 00h : 1 posts
1 posts were published in the last hour 22:55 : IT Security News Daily Summary 2024-12-27
IT Security News Daily Summary 2024-12-27
123 posts were published in the last hour 21:9 : Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again 20:9 : Wendepunkt: OpenAI will sich in For-Profit- und Non-Profit-Sparten aufteilen 20:5 : IT Security News…
Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again
Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them. The post Best of 2024: AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again appeared first on Security Boulevard. This article has been…
Wendepunkt: OpenAI will sich in For-Profit- und Non-Profit-Sparten aufteilen
OpenAI hat angekündigt, einen Teil des Unternehmens in einen gewinnorientierten umzuwandeln. Was das für die Gemeinnützigkeit bedeutet – und warum zwei sehr bekannte Persönlichkeiten erbost sind. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen Sie den originalen…
IT Security News Hourly Summary 2024-12-27 21h : 1 posts
1 posts were published in the last hour 19:34 : Detection Engineering: A Case Study
Detection Engineering: A Case Study
In this blog post, we will explore the intricate world of detection engineering. We’ll start by examining the inputs and outputs of detection engineering, and then we’ll illustrate the detection engineering lifecycle. The post Detection Engineering: A Case Study appeared…
Cyberhaven says it was hacked to publish a malicious update to its Chrome extension
The data-loss startup says it was targeted as part of a “wider campaign to target Chrome extension developers.” © 2024 TechCrunch. All rights reserved. For personal use only. This article has been indexed from Security News | TechCrunch Read the…
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often…
You Can Be a Part of this Grassroots Movement 🧑💻
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> You ever hear the saying, “it takes a village”? I never really understood the saying until I started going to conferences, attending protests, and working on EFF’s…
The Growing Intersection of Reproductive Rights and Digital Rights: 2024 in Review
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Dear reader of our blog, surely by now you know the format: as we approach the end of the year, we look back on our work, count…
Electronic Frontier Alliance Fought and Taught Locally: 2024 in Review
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> The EFF-chaired Electronic Frontier Alliance (EFA) has had a big year! EFA is a loose network of local groups fighting for digital rights in the United States.…
While the Court Fights Over AI and Copyright Continue, Congress and States Focus On Digital Replicas: 2024 in Review
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> The phrase “move fast and break things” carries pretty negative connotations in these days of (Big) techlash. So it’s surprising that state and federal policymakers are doing…
Global Age Verification Measures: 2024 in Review
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> EFF has spent this year urging governments around the world, from Canada to Australia, to abandon their reckless plans to introduce age verification for a variety of…
You Can Be a Part of this Grassroots Movement 🧑💻
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> You ever hear the saying, “it takes a village”? I never really understood the saying until I started going to conferences, attending protests, and working on EFF’s…
Trio of SQL Injection Vulnerabilities Found in Amazon Redshift Drivers: Update Now
Three severe SQL injection vulnerabilities have been identified in specific Amazon Redshift drivers, posing a significant risk of privilege escalation and data compromise. The vulnerabilities, labeled as CVE-2024-12744, CVE-2024-12745, and CVE-2024-12746, each hold a CVSS severity score of 8.0, emphasizing…
Elektronische Patientenakte: So lässt sich auf die ePAs aller Versicherten zugreifen
Die angeblich sicherste ePA Europas lässt sich von vielen Seiten aus angreifen. Potenziell sind die Daten aller Versicherten gefährdet. (38C3, Datenschutz) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Elektronische Patientenakte: So lässt sich auf…
Microsoft adds another problem to the Windows 11 24H2 naughty list
Santa Satya pops one more issue into his sack just in time for Christmas The trickle of known issues with Windows 11 24H2 has continued with a new one just in time for festive season: installed the operating system using…
You Can Be a Part of this Grassroots Movement 🧑💻
< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> You ever hear the saying, “it takes a village”? I never really understood the saying until I started going to conferences, attending protests, and working on EFF’s…
38C3: Große Sicherheitsmängel in elektronischer Patientenakte 3.0 aufgedeckt
Gravierende Sicherheitslücken müssten bis zum Start der ePA 3.0 noch geschlossen werden. Das demonstrieren Martin Tschirsich und Bianca Kastl auf dem 38C3. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: 38C3: Große Sicherheitsmängel in elektronischer Patientenakte…