Hot stuff

Google notifies users about dark web exposure

Android, dark web, Don't miss, Gmail, Google, Hot stuff, News, Privacy /

Google notifies users about dark web exposure 11/05/2023 at 15:46 By Helga Labus Google has announced new tools, features and updates to improve users’ online safety, help them evaluate content found online, and alert them if their Gmail identity appears on the dark web. New tools and options for users A new tool called About […]

React to this headline:

Loading spinner

Google notifies users about dark web exposure Read More »

Dragos blocks ransomware attack, brushes aside extortion attempt

data theft, Don't miss, Dragos, Hot stuff, News, Ransomware /

Dragos blocks ransomware attack, brushes aside extortion attempt 11/05/2023 at 15:46 By Zeljka Zorz A ransomware group has tried and failed to extort money from Dragos, the industrial cybersecurity firm has confirmed on Wednesday, and reassured that none of its systems or its Dragos Platform had been breached. What happened? “The criminal group gained access

React to this headline:

Loading spinner

Dragos blocks ransomware attack, brushes aside extortion attempt Read More »

CISOs confront mounting obstacles in tracking cyber assets

asset discovery, CISO, Don't miss, Hot stuff, IT assets, Paladin Cloud, strategy, tips, Video /

CISOs confront mounting obstacles in tracking cyber assets 11/05/2023 at 07:10 By Help Net Security Monitoring assets in ever-changing settings operating in both development and production stages presents challenges. In this Help Net Security video, Daniel Deeney, CEO at Paladin Cloud, discusses how companies face difficulties identifying security threats within cloud environments. As businesses transition

React to this headline:

Loading spinner

CISOs confront mounting obstacles in tracking cyber assets Read More »

Never leak secrets to your GitHub repositories again

code, Data leak, Don't miss, GitHub, Hot stuff, News, open source, scanning, software development /

Never leak secrets to your GitHub repositories again 10/05/2023 at 14:47 By Helga Labus GitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced Security

React to this headline:

Loading spinner

Never leak secrets to your GitHub repositories again Read More »

Turla’s Snake malware network disrupted by Five Eyes’ agencies

APT, CISA, cyber espionage, cybercrime, Don't miss, FBI, government-backed attacks, Hot stuff, Malware, malware analysis, malware detection, News, NSA /

Turla’s Snake malware network disrupted by Five Eyes’ agencies 10/05/2023 at 14:47 By Help Net Security The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake” (aka “Uroburous”), that the US Government attributes to a unit within Center 16 of

React to this headline:

Loading spinner

Turla’s Snake malware network disrupted by Five Eyes’ agencies Read More »

Prevent attackers from using legitimate tools against you

Artificial Intelligence, attacks, Don't miss, Expert analysis, Expert corner, exploit, Hot stuff, Malware, opinion, Ransomware, vulnerability, WithSecure /

Prevent attackers from using legitimate tools against you 10/05/2023 at 07:21 By Help Net Security Malicious actors are increasingly exploiting legitimate tools to accomplish their goals, which include disabling security measures, lateral movement, and transferring files. Using commonly available tools allows attackers to evade detection. While custom-built tools or malware can be flagged as malicious

React to this headline:

Loading spinner

Prevent attackers from using legitimate tools against you Read More »

The security and privacy risks of large language models

Don't miss, Hot stuff, Video /

The security and privacy risks of large language models 10/05/2023 at 07:00 By Help Net Security A large language model (LLM) is an artificial intelligence (AI) algorithm that employs deep learning methodologies, and extensive data sets to comprehend, condense, create, and predict new content. An example of an LLM is ChatGPT, a model developed by

React to this headline:

Loading spinner

The security and privacy risks of large language models Read More »

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Automox, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, SharePoint, Tenable, Trend Micro, Windows /

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) 09/05/2023 at 22:15 By Zeljka Zorz For May 2023 Patch Tuesday, Microsoft has delivered fixes for 38 CVE-numbered vulnerabilities, including a patch for a Windows bug (CVE-2023-29336) and a Secure Boot bypass flaw (CVE-2023-24932) exploited by attackers in the wild. The two

React to this headline:

Loading spinner

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932) Read More »

Microsoft Authenticator push notifications get number matching

authentication, Don't miss, Hot stuff, MFA, Microsoft, News /

Microsoft Authenticator push notifications get number matching 09/05/2023 at 15:31 By Helga Labus Microsoft has enabled number matching for Microsoft Authenticator push notifications to improve user sign-in security. Authenticator MFA number matching in action (Source: Microsoft) “If the user has a different default authentication method, there’s no change to their default sign-in. If the default

React to this headline:

Loading spinner

Microsoft Authenticator push notifications get number matching Read More »

Finding bugs in AI models at DEF CON 31

Artificial Intelligence, DEF CON, Don't miss, Hot stuff, News, red team /

Finding bugs in AI models at DEF CON 31 09/05/2023 at 12:12 By Helga Labus DEF CON’s AI Village will host the first public assessment of large language models (LLMs) at the 31st edition of the hacker convention this August, aimed at finding bugs in and uncovering the potential for misuse of AI models. The

React to this headline:

Loading spinner

Finding bugs in AI models at DEF CON 31 Read More »

To enable ethical hackers, a law reform is needed

cybercriminals, cybersecurity, Don't miss, Expert analysis, Expert corner, hacker, HackerOne, Hot stuff, law, opinion, UK, vulnerability /

To enable ethical hackers, a law reform is needed 09/05/2023 at 08:13 By Help Net Security Organizations need to be able to match the ingenuity and resources of cybercriminals to better defend themselves against the increasing number of threats and attacks that could paralyze their business. Unfortunately, some laws restrict genuine security research. As we

React to this headline:

Loading spinner

To enable ethical hackers, a law reform is needed Read More »

How 2022’s threats will impact the global landscape in 2023

cybersecurity, Don't miss, Elastic, Hot stuff, threats, Video /

How 2022’s threats will impact the global landscape in 2023 09/05/2023 at 08:13 By Help Net Security In this Help Net Security video, Devon Kerr, Team Lead, Elastic Security Labs, talks about the 2023 Global Threat Report Spring edition. Key takeaways In this report, the Elastic Security team highlights how they’ve noticed a slight increase

React to this headline:

Loading spinner

How 2022’s threats will impact the global landscape in 2023 Read More »

MSI’s firmware, Intel Boot Guard private keys leaked

Binarly, code signing, data breach, Data leak, Don't miss, firmware, Hot stuff, Intel, MSI, News, public-key cryptography, Ransomware /

MSI’s firmware, Intel Boot Guard private keys leaked 08/05/2023 at 15:07 By Zeljka Zorz The cybercriminals who breached Taiwanese multinational MSI last month have apparently leaked the company’s private code signing keys on their dark web site. The breach MSI (Micro-Star International) is a corporation that develops and sells computers (laptops, desktops, all-in-one PCs, servers,

React to this headline:

Loading spinner

MSI’s firmware, Intel Boot Guard private keys leaked Read More »

Western Digital store offline due to March breach

data breach, data theft, Don't miss, Hot stuff, News, Western Digital /

Western Digital store offline due to March breach 08/05/2023 at 13:02 By Helga Labus The Western Digital online store is offline as a result of the “network security incident” it suffered in March 2023. Users have been notified On May 5, 2023, the company emailed its customers to say that an unauthorized party obtained a

React to this headline:

Loading spinner

Western Digital store offline due to March breach Read More »

The true numbers behind deepfake fraud

Don't miss, Hot stuff, Regula, Video /

The true numbers behind deepfake fraud 08/05/2023 at 08:09 By Help Net Security The rise of AI-generated identity fraud like deepfakes is alarming, with 37% of organizations experiencing voice fraud and 29% falling victim to deepfake videos, according to a survey by Regula. In this Help Net Security video, Henry Patishman, Executive VP of Identity

React to this headline:

Loading spinner

The true numbers behind deepfake fraud Read More »

The WhatsApp of secure computation

cybersecurity, data, Don't miss, Encryption, Expert analysis, Expert corner, Hot stuff, opinion, WhatsApp, Zama /

The WhatsApp of secure computation 08/05/2023 at 08:09 By Help Net Security A key term when discussing encryption these days is end-to-end (E2E) encryption. The idea with E2E encryption is that data is kept confidential between the encryptor and the intended receiver. This might seem an obvious requirement, but not all so-called secure systems offer

React to this headline:

Loading spinner

The WhatsApp of secure computation Read More »

Scroll to Top