A new threat actor group known as Gitloker has launched an alarming campaign that wipes victims’ GitHub repositories and attempts to extort them. Victims are finding their repositories erased, replaced only by a solitary README file bearing the message: “I…
USENIX Security ’23 – Precise and Generalized Robustness Certification for Neural Networks
Authors/Presenters:Yuanyuan Yuan, Shuai Wang, Zhendong Su Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the…
Neue Regeln bei Disney Plus – der Streamingdienst will nicht nur gegen Account-Sharing vorgehen
Disney Plus macht Ernst im Kampf gegen Account-Sharing. Wie Netflix ermöglicht der Streamingdienst jetzt eine kostenpflichtige Zusatzmitgliedschaft. Das steht außerdem in den neuen Nutzungsbedingungen. Dieser Artikel wurde indexiert von t3n.de – Software & Entwicklung Lesen Sie den originalen Artikel: Neue…
Ukraine Arrests Cryptor Specialist Aiding Conti and LockBit Ransomware
Ukrainian Police have arrested a ransomware cryptor developer in connection with the notorious Conti and LockBit groups. This arrest was the result of Operation Endgame, a major operation that aims to dismantle key elements of these cybercriminal organizations. This article…
Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion
A threat actor exploited the Snowflake platform to target organizations for data theft and extortion using compromised credentials. Learn how to protect your business from this threat. This article has been indexed from Security | TechRepublic Read the original article:…
AWS touts security culture, AI protections at re:Inforce 2024
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Resources and Information from TechTarget Read the original article: AWS touts security culture, AI protections at…
Tech Groups Call On US DoJ To Investigate YouTube Monopoly
Open letter urges US Department of Justice to investigate Alphabet’s YouTube for alleged domination of home entertainment sector This article has been indexed from Silicon UK Read the original article: Tech Groups Call On US DoJ To Investigate YouTube Monopoly
Know Your Digital Rights at the Airport | Avast
Everyone knows the drill—shoes off, laptops out, and no water bottles past security. But what about your phone? Are TSA agents allowed to dig through it? Well, like a lot of security-related things, the short answer is… it depends. This…
Tern AI wants to reduce reliance on GPS with low-cost navigation alternative
The most critical systems of our modern world rely on GPS, from aviation and road networks to emergency and disaster response, from precision farming and power grids to weather forecasting and military defense. That dependence is becoming a problem. “We’ve…
Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation
The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Israeli Researchers Expose Security Flaws in Visual Studio Code Marketplace
A team of Israeli researchers investigated the security of the Visual Studio Code (VSCode) marketplace and managed to “infect” over 100 organizations by embedding risky code into a popular theme, revealing significant vulnerabilities in the system. VSCode, a source code…
Check Point: Security-Lücke wurde nicht nur bei CDU genutzt
1800 Systeme waren laut BSI verwundbar, auch Kritis-Betreiber wurden erfolgreich angegriffen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Check Point: Security-Lücke wurde nicht nur bei CDU genutzt
Port 1801 Traffic: Microsoft Message Queue, (Wed, Jun 12th)
I planned a bit a more conclusive story here, but after running into issues decoding the packets and running out of time between looking at student papers, I figured I would leave it up to the audience ;-) Maybe someone…
Black Basta Ransomware Suspected of Exploiting Windows 0-day Before Patch
The cybersecurity researchers at Symantec have found “strong evidence” suggesting that the Black Basta ransomware gang exploited a critical Windows vulnerability (CVE-2024-26169) before it was patched by Microsoft on March 12, 2024, through its regular Patch Tuesday updates. This article…
National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from CISA Blog Read the original article: National Internet Safety Month: This June, Take 4 Easy Steps to…
Streamlining CLI Authentication: Implementing OAuth Login in Python
When building an application that requires user authentication, implementing a secure login flow is critical. In this article, we’ll walk through how we created a robust OAuth login flow for ggshield, our Python-based command line tool, to streamline the onboarding…
Daniel Stori’s ‘Just Touch It’
<a class=” sqs-block-image-link ” href=”https://turnoff.us/geek/just-touch-it/” rel=”noopener” target=”_blank”> <img alt=”” height=”645″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/d970d98e-7000-412e-b306-ff06126a8f7d/just-touch-it.png?format=1000w” width=”640″ /> </a><figcaption class=”image-caption-wrapper”> via the inimitable Daniel Stori at Turnoff.US! Permalink The post Daniel Stori’s ‘Just Touch It’ appeared first on Security Boulevard. This article has been indexed…
Microsoft macht Ernst: Cybersicherheit für Krankenhäuser
Nachdem Microsoft IT-Security zur Priorität erklärt hat, kündigt das Unternehmen ein Cybersicherheitsprogramm für US-Kliniken im ländlichen Raum an. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Microsoft macht Ernst: Cybersicherheit für Krankenhäuser
Self-replicating Morris II worm targets AI email assistants
The proliferation of generative artificial intelligence (GenAI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging recent advancements in AI and natural language…
Cleveland Cyberattack Turns Public Services Offline for Days
Cleveland cyberattack shut down the City Hall and the Erieview offices for the last two days. Authorities revealed the incident on Monday June 10th and said public services were put offline until further notice. Emergency services and public utilities, like…
MSMQ Vulnerability Allows Hackers to Takeover Microsoft Servers
On June 11th, Microsoft announced fixing a critical RCE vulnerability in their Message Queuing (MSMQ) technology. The flaw is tracked CVE-2024-30080 and has a CVSS score of 9.8 out of 10. Security researchers say threat hackers can exploit it remotely…
Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
Data security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million. The post Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation appeared first on SecurityWeek. This article…
Fortinet Patches Code Execution Vulnerability in FortiOS
Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw. The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original article:…
Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
The Black Basta ransomware gang may have exploited the Windows privilege escalation flaw CVE-2024-26169 before it was patched. The post Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek…