Google hat den Chrome-Webbrowser aktualisiert. Angreifer können Sicherheitslücken zum Ausführen von Schadcode missbrauchen. Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: Google Chrome: Sandbox-Ausbruch durch bestimmte Gesten möglich
heise-Angebot: iX-Workshop IT-Sicherheit: Angriffstechniken verstehen und erfolgreich abwehren
Analysieren Sie aktuelle Angriffstechniken, um die Wirksamkeit Ihrer Schutzmaßnahmen und die Verletzlichkeit Ihrer IT einzuschätzen. (Last Call) Dieser Artikel wurde indexiert von heise Security Lesen Sie den originalen Artikel: heise-Angebot: iX-Workshop IT-Sicherheit: Angriffstechniken verstehen und erfolgreich abwehren
DHL und Yun Express: Paket-Tracking verriet Empfängeradressen
Ein Design-Problem in der Paketverfolgung der Zustelldienste DHL und des chinesischen Versenders Yun Express hat dazu geführt, dass Dritte die Empfängeradressen deutscher DHL-Kunden ansehen konnten. (Sicherheitslücke, Security) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel:…
[UPDATE] [mittel] Mattermost: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
Ein Angreifer kann mehrere Schwachstellen in Mattermost ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] Mattermost: Mehrere Schwachstellen ermöglichen nicht…
Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks
Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial…
Check Point entdeckt Typosquatting-Angriffe bei PyPI
PyPI, das offizielle Repository für Python-Softwarepakete, zählt mit einer Nutzerbasis von über 800.000 Personen zu den größten seiner Art. Eine kürzliche Entdeckung durch Check Point CloudGuard enthüllte eine umfangreiche Typosquatting Kampagne auf PyPI, die mehr als 500 bösartige Pakete umfasste.…
Apple alerts users in 92 nations to mercenary spyware attacks
Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that may have been targeted by mercenary spyware attacks. The company sent the alerts to individuals in 92 nations at 12pm Pacific Time Wednesday. It did…
OpenSSL 3.3 Final Release Live
The final release of OpenSSL 3.3 is now live. This is the first release in accordance with our adoption of biannual time-based releases. We would like to thank all those who contributed to the OpenSSL 3.3 release, without whom, OpenSSL…
Fehlercode 0x80070643: Windows-10-Update KB5034441 macht noch immer Probleme
Drei Monate nach Veröffentlichung von KB5034441 bietet Microsoft noch immer nur einen Workaround an, um den Installationsfehler 0x80070643 zu beseitigen. (Windows 10, Microsoft) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Fehlercode 0x80070643: Windows-10-Update KB5034441…
Evolution of Artificial Intelligence Systems and Ensuring Trustworthiness, (Thu, Apr 11th)
We live in a dynamic age, especially with the increasing awareness and popularity of Artificial Intelligence (AI) systems being explored by users and organizations alike. I was recently quizzed by a junior researcher on how AI systems came about and…
NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0
By Samuel Lewis, Senior Security Consultant The National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Framework (CSF) on February 26, 2024. The original version was released in 2014, one year after Executive Order 13636 was…
Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks
Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial…
Confidential Computing ermöglicht sichere Gremienarbeit
Bei seiner Suche nach einer sicheren Lösung für die digitale Gremienkommunikation entschied sich der VdW Bayern für einen Datenraum-Dienst, der auf einen Confidential-Computing-Ansatz setzt. Dabei war neben einer intuitiven und mobilen Anwendung vor allem ein hohes Sicherheitsniveau ausschlaggebend. Dieser Artikel…
Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability
Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. “An Improper…
TenSec 2019
Tencent Security Conference (TenSec) is an international cybersecurity summit launched by Tencent Security, hosted by Tencent Keen Security Lab and Tencent Security Platform Department, and co-organized by Tencent Security Academy. This article has been indexed from Keen Security Lab Blog…
Exploiting Wi-Fi Stack on Tesla Model S
In the past two years, Keen Security Lab did in-depth research on the security of Tesla Cars and presented our research results on Black Hat 2017 and Black Hat 2018. Our research involves many in-vehicle components. We demonstrated how to…
Tencent Keen Security Lab joins GENIVI Alliance
Tencent Keen Security Lab (Keen Lab) has joined the GENIVI Alliance, a non-profit alliance focused on delivering open source, in-vehicle infotainment (IVI) and connected vehicle software. This article has been indexed from Keen Security Lab Blog Read the original article:…
Tencent Keen Security Lab: Experimental Security Assessment on Lexus Cars
Since 2017, Lexus has equipped several models (including Lexus NX, LS and ES series) with a new generation infotainment, which is also known as AVN (Audio, Visual and Navigation) unit. Compared to some Intelligent connected infotainment units, like Tesla IVI…
Tencent Security Keen Lab: Experimental Security Assessment of Mercedes-Benz Cars
MBUX, Mercedes-Benz User Experience is the infotainment system in Mercedes-Benz cockpits. Mercedes-Benz first introduced MBUX in the new A-Class back in 2018, and is adopting MBUX in their entire vehicle line-up, including Mercedes-Benz E-Class, GLE, GLS, EQC, etc. In this…
History of RSA Conference. Bruce Schneier. The First ‘Exhibitor’ in 1994.
Listen to the Audio on SoundCloud.com Bruce Schneier was at the first ever RSA Conference in 1991, and he was the first ‘exhibitor’ in 1994 when he asked Jim Bidzos, Creator of the RSA Conference, if he could sell copies…
Apple issues warning against Mercenary Spyware
Apple Inc has recently updated its threat notification system to include alerts for Mercenary Spyware targeting individuals and companies. Previously, starting from March 2021, Apple had been issuing alerts to users whose devices were targeted by state-sponsored attacks, a response…
How Google’s 90-day TLS certificate validity proposal will affect enterprises
Announced last year, Google’s proposal to reduce the lifespan of TLS (transport layer security) certificates from 13 months to 90 days could be implemented in the near future. It will certainly improve security and shrink the window of opportunity for…
Cyber Espionage: Turla APT Hackers Attack European Organization With Backdoor
Cybersecurity experts have uncovered a failed attempt by the notorious Russia-based Turla Advanced Persistent Threat (APT) group to infiltrate an Albanian organization. This incident is part of a broader cyber espionage campaign targeting European countries, with Poland also falling victim…
Apple alerts users in 92 nations to mercenary attacks in new warning
Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that may have been targeted by mercenary spyware attacks. The company sent the alerts to individuals in 92 nations at 12pm Pacific Time on Wednesday. The iPhone-maker…