Don’t miss

Prevent attackers from using legitimate tools against you

Artificial Intelligence, attacks, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, Malware, opinion, Ransomware, vulnerability, WithSecure /

Prevent attackers from using legitimate tools against you 10/05/2023 at 07:21 By Help Net Security Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious […]

React to this headline:

Loading spinner

Prevent attackers from using legitimate tools against you Read More »

The security and privacy risks of large language models

Don't miss, Hot stuff, Video /

The security and privacy risks of large language models 10/05/2023 at 07:00 By Help Net Security A large language model (LLM) is an artificial intelligence (AI) algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by

React to this headline:

Loading spinner

The security and privacy risks of large language models Read More »

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Automox, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows /

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) 09/05/2023 at 22:15 By Zeljka Zorz For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two

React to this headline:

Loading spinner

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) Read More »

Microsoft Authenticator push notifications get number matching

authentication, Don't miss, Hot stuff, MFA, Microsoft, News /

Microsoft Authenticator push notifications get number matching 09/05/2023 at 15:31 By Helga Labus Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If the default

React to this headline:

Loading spinner

Microsoft Authenticator push notifications get number matching Read More »

Finding bugs in AI models at DEF CON 31

Artificial Intelligence, DEF CON, Don't miss, Hot stuff, News, red team /

Finding bugs in AI models at DEF CON 31 09/05/2023 at 12:12 By Helga Labus DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The

React to this headline:

Loading spinner

Finding bugs in AI models at DEF CON 31 Read More »

To enable ethical hackers, a law reform is needed

cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, law, opinion, UK, vulnerability /

To enable ethical hackers, a law reform is needed 09/05/2023 at 08:13 By Help Net Security Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business. Unfortunately, some laws restrict genuine security research. As we

React to this headline:

Loading spinner

To enable ethical hackers, a law reform is needed Read More »

Unattended API challenge: How we’re losing track and can we get full visibility

API security, BLST Security, CISO, Cloud, data breach, Don't miss, News, opinion, vulnerability /

Unattended API challenge: How we’re losing track and can we get full visibility 09/05/2023 at 08:13 By Help Net Security API sprawl is a prevalent issue in modern enterprises, as APIs are being developed and deployed at an unprecedented rate. As highlighted by Postman’s 2022 State of the API Report, “89% of respondents said organizations’

React to this headline:

Loading spinner

Unattended API challenge: How we’re losing track and can we get full visibility Read More »

How 2022’s threats will impact the global landscape in 2023

cybersecurity, Don't miss, Elastic, Hot stuff, threats, Video /

How 2022’s threats will impact the global landscape in 2023 09/05/2023 at 08:13 By Help Net Security In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the Elastic Security team highlights how they’ve noticed a slight increase

React to this headline:

Loading spinner

How 2022’s threats will impact the global landscape in 2023 Read More »

MSI’s firmware, Intel Boot Guard private keys leaked

Binarly, code signing, data breach, Data leak, Don't miss, firmware, Hot stuff, Intel, MSI, News, public-key cryptography, Ransomware /

MSI’s firmware, Intel Boot Guard private keys leaked 08/05/2023 at 15:07 By Zeljka Zorz The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach MSI (Micro-Star International) is a corporation that develops and sells computers (laptops, desktops, all-in-one PCs, servers,

React to this headline:

Loading spinner

MSI’s firmware, Intel Boot Guard private keys leaked Read More »

Western Digital store offline due to March breach

data breach, data theft, Don't miss, Hot stuff, News, Western Digital /

Western Digital store offline due to March breach 08/05/2023 at 13:02 By Helga Labus The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the company emailed its customers to say that an unauthorized party obtained a

React to this headline:

Loading spinner

Western Digital store offline due to March breach Read More »

Your voice could be your biggest vulnerability

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, McAfee, News, scams /

Your voice could be your biggest vulnerability 08/05/2023 at 08:09 By Help Net Security AI technology is fueling a rise in online voice scams, with just three seconds of audio required to clone a person’s voice, according to McAfee. McAfee surveyed 7,054 people from seven countries and found that a quarter of adults had previously

React to this headline:

Loading spinner

Your voice could be your biggest vulnerability Read More »

The true numbers behind deepfake fraud

Don't miss, Hot stuff, Regula, Video /

The true numbers behind deepfake fraud 08/05/2023 at 08:09 By Help Net Security The rise of AI-generated identity fraud like deepfakes is alarming, with 37% of organizations experiencing voice fraud and 29% falling victim to deepfake videos, according to a survey by Regula. In this Help Net Security video, Henry Patishman, Executive VP of Identity

React to this headline:

Loading spinner

The true numbers behind deepfake fraud Read More »

The WhatsApp of secure computation

cybersecurity, data, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, opinion, WhatsApp, Zama /

The WhatsApp of secure computation 08/05/2023 at 08:09 By Help Net Security A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver. This might seem an obvious requirement, but not all so-called secure systems offer

React to this headline:

Loading spinner

The WhatsApp of secure computation Read More »

Scroll to Top