August 2023

22% of BlackHat USA attendants believe AI takeover is already here 15/08/2023 at 23:16 By BlackHat USA attendants were surveyed by Delinea, finding that of 100 attendees polled, 54% said that “passwordless” is a viable concept. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

AVX10: The benefits of AVX-512 without all the baggage 15/08/2023 at 23:04 By Tobias Mann Turns out bigger isn’t always better Since its introduction, AVX-512 has gotten a bit of bad rap for being hot, power hungry, and inconsistent in its implementation and feature set.… This article is an excerpt from The Register View Original

US shovels cash into supercomputers hoping to stoke fusion future 15/08/2023 at 22:21 By Brandon Vigliarolo $112M for 12 projects announced on heels of LLNL’s second successful fusion ignition Fusion is hot right now – so hot that the US Department of Energy is dumping another $112 million into a dozen supercomputing projects to advance

80% of execs regret calling employees back to the office 15/08/2023 at 21:46 By Jude Karabus Or so says a worrying survey We’re all dumbasses walking around in adult clothes, but you’d hope that the managers in charge of ensuring the company does well and functions properly are relying on something a bit stronger than

Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn 15/08/2023 at 21:30 By Threat actors’ use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. “The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud

Arizona highlights security measures for the new school year 15/08/2023 at 21:01 By In time with the new school year, the University of Arizona is highlighting some of their security measures, including additional access control. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking 15/08/2023 at 20:33 By Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team (SRT) following a client

Gelsinger: Intel should get more CHIPS Act funding than rivals 15/08/2023 at 20:07 By Dan Robinson And cool it on the export bans, pleads CEO – we want to sell fish, not fishing rods, to China Intel should benefit more from the US government’s $52 billion CHIPS Act largesse than some other companies building local

New Carbanak / Anunak Attack Methodology 15/08/2023 at 19:32 By SpiderLabs Researcher In the last month Trustwave was engaged by multiple hospitality businesses for investigations by an unknown attacker or attackers. The modus operandi for all three investigations were very similar and appear to be a new Carbanak gang attack methodology, focused on the hospitality

Network Encryption in Modern Relational Database Management Systems 15/08/2023 at 19:19 By Martin Rakhmanov In this post I’ll continue on the topic of data encryption (see my previous post on Encrypting Data At Rest). This article is an excerpt from SpiderLabs Blog View Original Source

ModSecurity Advanced Topic of the Week: Detecting Malware with Fuzzy Hashing 15/08/2023 at 19:05 By Ryan Barnett We witnessed a sophisticated phishing campaign on 16th August 2017, targeting victims by sending spoofed phishing email messages appearing to come from Xero. Xero is a New Zealand-based software company that develops cloud-based accounting software for small and medium-sized

Malware Xeroing in on Cloud Accounting Customers 15/08/2023 at 18:51 By Dr. Fahim Abbasi We witnessed a sophisticated phishing campaign on 16th August 2017, targeting victims by sending spoofed phishing email messages appearing to come from Xero. Xero is a New Zealand-based software company that develops cloud-based accounting software for small and medium-sized businesses. The scammers

Look What I Found: Moar Pony! 15/08/2023 at 18:51 By Daniel Chechik In our last episode of “Look What I Found” we talked about a fairly large instance of the Pony Botnet Controller. With the source code of Pony leaked and in the wild, we continue to see new instances and forks of Pony 1.9. One of the latest

Charging your iPhone literally costs Apple millions as Batterygate saga slams shut 15/08/2023 at 18:34 By Brandon Vigliarolo Estimated payments of $65 can now be distributed to those who filed a claim in 2018 lawsuit Apple’s “Batterygate” legal saga is finally swinging shut – in the US, at least – with a final appeal being

67% of government agencies claim confidence in adopting zero trust 15/08/2023 at 18:10 By A recent Swimlane report analyzed federal agencies’ confidence level and adoption of zero trust requirements following a 2022 executive order. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Foxconn to spend billions bulking its Indian operations – just for starters 15/08/2023 at 17:49 By Laura Dobberstein Indonesia, Vietnam, Thailand on mega-manufacturer’s list of not-China expansion targets Foxconn CEO Young Liu said on Monday that the massive conglomerate also known as Hon Hai Technology Group plans to invest billions expanding into India – a

Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics 15/08/2023 at 17:33 By The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down

‘Cyber’ Security – must become a board level issue in the UK …really? 15/08/2023 at 17:17 By SpiderLabs Researcher The UK Government is “committed to helpingreduce vulnerability to attacks and ensure that the UK is the safest place todo business” [1]. It’s all part of the much talked about UK Cyber SecurityStrategy [2]. This article