Putting AI models to the EU test Chinese researchers don’t break classical encryption… yet Chinese group calls for security reviews on all Intel products Thanks to today’s episode sponsor, Conveyor There’s so many reasons why infosec and presales teams choose…
53% would switch banks if their institution had a data breach: Cyber Security Today for Thursday, October 17, 2024
In this episode, host Jim Love delves into sophisticated phishing attacks, cybersecurity initiatives, and significant changes in data security protocols. Listeners will learn about a national survey revealing that 53% of Canadians would switch banks after a data breach and…
Die Öffentliche Verwaltung als Ziel von Cyberattacken
Die Bedrohungslage durch Cyberattacken auf die Wirtschaft und die öffentliche Verwaltung nimmt immer weiter zu. Die Auswirkungen spüren alle. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Die Öffentliche Verwaltung als Ziel von Cyberattacken
Solarwinds: Lücken in Plattform und Serv-U ermöglichen Schadcode-Schmuggel
Solarwinds warnt vor Sicherheitslücken in der Plattform und in Serv-U. Angreifer können etwa Code einschleusen oder ihre Rechte ausweiten. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Solarwinds: Lücken in Plattform und Serv-U ermöglichen Schadcode-Schmuggel
Microsoft blocked most ransomware attacks and about 600M Cyber attacks
In its recently published Annual Digital Defense Report, Microsoft provided a comprehensive overview of its ongoing efforts to safeguard users and businesses against the growing tide of cyber threats. The report highlights some significant achievements in the field of cybersecurity,…
MongoDB Queryable Encryption now supports range queries on encrypted data
MongoDB Queryable Encryption allows customers to securely encrypt sensitive application data and store it in an encrypted format within the MongoDB database. It also enables direct equality and range queries on the encrypted data without the need for cryptographic expertise.…
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38.…
Pokémon game developer breached, TrickMo’s new variants, Ivanti zero-days exploited
Pokémon game developer breached TrickMo hits with 40 new trojan variants Nation-state actor exploits Ivanti zero-days Thanks to today’s episode sponsor, Conveyor It’s spooky season, and nothing’s scarier than all of your account execs asking if you’re done with their…
VW alleged data theft, Finland seizes Sipultie, Calgary library cyberattack
VW says IT infrastructure unaffected after alleged data theft Finland seizes servers of ‘Sipultie’ dark web market Calgary Public Library services limited after cyberattack Thanks to today’s episode sponsor, Conveyor Does the thought of a whopper 300 question security questionnaire…
VMware HCX: Codeschmuggel durch SQL-Injection-Lücke möglich
Broadcom hat mit einem Update eine Sicherheitslücke in VMware HCX geschlossen. Angreifer können durch sie Code einschleusen und ausführen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: VMware HCX: Codeschmuggel durch SQL-Injection-Lücke möglich
Organization Hacked Following Accidental Hiring of North Korean Remote IT Worker
A company has fallen victim to a cyberattack after unknowingly hiring a North Korean cybercriminal as a remote IT worker. The unidentified firm, based in the UK, US, or Australia, discovered the breach after the hacker downloaded sensitive data and…
AlpineReplay – 898,681 breached accounts
In 2019, the snow sports tracking app AlpineReplay suffered a data breach that exposed 900k unique email addresses. Later rolled into the Trace service, the breach included names, usernames, genders, dates of birth, weights and passwords stored as either unsalted…
GhostStrike: Open-source tool for ethical hacking
GhostStrike is an open-source, advanced cybersecurity tool tailored for ethical hacking and Red Team operations. It incorporates cutting-edge techniques, including process hollowing, to stealthily evade detection on Windows systems, making it an asset for penetration testing and security assessments. “I…
US contractor pays $300K to settle accusation it didn’t properly look after Medicare users’ data
Resolves allegations it improperly stored screenshots containing PII that were later snaffled A US government contractor will settle claims it violated cyber security rules prior to a breach that compromised Medicare beneficiaries’ personal data.… This article has been indexed from…
How NIS2 will impact sectors from healthcare to energy
In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security. He explains how NIS2 will fundamentally change cybersecurity governance, making it a core aspect…
AI data collection under fire
A recent Cohesity report found that consumers are highly concerned about the information companies collect from them – especially when it`s used for artificial intelligence – with consumers prepared to punish companies by switching providers for any loss of trust.…
USENIX NSDI ’24 – Finding Adversarial Inputs for Heuristics using Multi-level Optimization
Authors/Presenters:Pooria Namyar, Microsoft and University of Southern California; Behnaz Arzani and Ryan Beckett, Microsoft; Santiago Segarra, Microsoft and Rice University; Himanshu Raj and Umesh Krishnaswamy, Microsoft; Ramesh Govindan, University of Southern California; Srikanth Kandula, Microsoft Our sincere thanks to USENIX,…
Why companies are struggling to keep up with SaaS data protection
While businesses increasingly rely on SaaS tools, many leaders are not fully confident in their ability to safeguard their data, according to Keepit. Growing concerns over SaaS data protection According to the survey, while 28% of respondents expressed high confidence…
Cyberangriff auf Internet Archive offenbar von russischen Hackern durchgeführt
Die freie Internet-Bibliothek mit ihrer “Wayback Machine” war tagelang nicht erreichbar. Es war der Cyberangriff einer russischen Hackergruppe, behauptet diese. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Cyberangriff auf Internet Archive offenbar von russischen Hackern…
Navigating the NIS2 Directive: A comprehensive guide for UK businesses
The tech regulatory landscape is constantly evolving, with the imminent Network and Information Security 2 Directive, more widely known as NIS2, that aims to enhance cybersecurity and resilience across the EU. EU Member States have until 17th October 2024 to…
A Turning Point in Loyalty Fraud Prevention
See how a recent FTC settlement highlights the need for effective loyalty fraud prevention strategies to mitigate risk, secure customer data, and minimize financial loss. The post A Turning Point in Loyalty Fraud Prevention appeared first on Security Boulevard. This…
ISC Stormcast For Thursday, October 17th, 2024 https://isc.sans.edu/podcastdetail/9184, (Thu, Oct 17th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Thursday, October 17th, 2024…
Nvidia just dropped a new AI model that crushes OpenAI’s GPT-4—no big launch, just big results
Nvidia quietly launched a groundbreaking AI model that surpasses OpenAI’s GPT-4 and Anthropic’s Claude 3.5, signaling a major shift in the competitive landscape of artificial intelligence. This article has been indexed from Security News | VentureBeat Read the original article:…
Scanning Activity from Subnet 15.184.0.0/16, (Thu, Oct 17th)
I noticed in my logs 2 weeks ago regular probe from a subnet in the Amazone cloud only scanning for TCP/8080 capture by the iptables of my DShield sensor. The scanning started on the 15 Aug – 4 Oct 2024…