Uncategorized

Say hello to Downfall, another data-leaking security hole in several years of Intel chips

Say hello to Downfall, another data-leaking security hole in several years of Intel chips 09/08/2023 at 22:47 By Thomas Claburn It is with a heavy heart that we must announce that the boffins are at it again Black Hat  Googlers have lately found not one but two more security vulnerabilities in Intel and AMD processors […]

React to this headline:

Loading spinner

Say hello to Downfall, another data-leaking security hole in several years of Intel chips Read More »

Researchers discover algorithm to create shapes that roll down pre-determined paths

Researchers discover algorithm to create shapes that roll down pre-determined paths 09/08/2023 at 22:35 By Lindsay Clark Lopsided solids promise applications in quantum mechanics and medicine Researchers have developed a method to construct solid objects that roll down pre-determined paths, which they reckon could have applications in quantum mechanics and medicine.… This article is an

React to this headline:

Loading spinner

Researchers discover algorithm to create shapes that roll down pre-determined paths Read More »

Rapid7 prepares to toss 18% of workforce to cut costs

Rapid7 prepares to toss 18% of workforce to cut costs 09/08/2023 at 21:03 By Paul Kunert Operating expenses almost as high as actual turnover in latest quarterly numbers Rapid7 is initiating a restructuring process that will involve shedding 18 percent of its workforce after net losses widened over the most recent quarter.… This article is

React to this headline:

Loading spinner

Rapid7 prepares to toss 18% of workforce to cut costs Read More »

Large-user applications vulnerable to dependency confusion attacks

Large-user applications vulnerable to dependency confusion attacks 09/08/2023 at 19:48 By A OX Security report found applications with more than 1 billion users are using dependencies which are vulnerable to dependency confusion attacks. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Large-user applications vulnerable to dependency confusion attacks Read More »

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs 09/08/2023 at 19:31 By Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD’s Zen 2 architecture-based

React to this headline:

Loading spinner

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs Read More »

Social media for research and threat intelligence

Social media for research and threat intelligence 09/08/2023 at 19:18 By Learn about threat intelligence on this episode of The Security Podcasts with Igal Lytzki, Incident Response team leader at Perception Point. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Social media for research and threat intelligence Read More »

Can ‘Mad Libs for incident response’ prevent the next MOVEit?

Can ‘Mad Libs for incident response’ prevent the next MOVEit? 09/08/2023 at 18:17 By Jessica Lyons Hardcastle IBM X-Force lead says yes Black Hat  While MOVEit is just the latest example of a managed file transfer (MFT) tool being exploited by criminals to maximize the amount of data – and money –— they can grab,

React to this headline:

Loading spinner

Can ‘Mad Libs for incident response’ prevent the next MOVEit? Read More »

China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign

China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign 09/08/2023 at 17:47 By Hackers associated with China’s Ministry of State Security (MSS) have been linked to attacks in 17 different countries in Asia, Europe, and North America from 2021 to 2023. Cybersecurity firm Recorded Future attributed the intrusion set to a nation-state group

React to this headline:

Loading spinner

China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign Read More »

The Impact of Patient Care on Healthcare Cybersecurity Practices

The Impact of Patient Care on Healthcare Cybersecurity Practices 09/08/2023 at 17:03 By The role humans play in cybersecurity generally focuses on how people can be the weakest link in an organization’s defense structure. However, when it comes to securing the healthcare industry, people are still paramount, but for quite different reasons. This article is

React to this headline:

Loading spinner

The Impact of Patient Care on Healthcare Cybersecurity Practices Read More »

Northern Ireland police may have endangered its own officers by posting details online in error

Northern Ireland police may have endangered its own officers by posting details online in error 09/08/2023 at 16:02 By Dan Robinson At least it was a blunder and not a hostile attack, unlike what happened to another UK public body this week A spreadsheet containing details of serving Northern Ireland police officers was mistakenly posted

React to this headline:

Loading spinner

Northern Ireland police may have endangered its own officers by posting details online in error Read More »

Organizations concerned about enterprise security from unsafe VPNs

Organizations concerned about enterprise security from unsafe VPNs 09/08/2023 at 15:31 By A recent report reveals that organizations have concerns about their network security due to the risks from VPNs. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Organizations concerned about enterprise security from unsafe VPNs Read More »

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks 09/08/2023 at 15:01 By Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it’s introducing a second user setting to turn off

React to this headline:

Loading spinner

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks Read More »

Continuous Security Validation with Penetration Testing as a Service (PTaaS)

Continuous Security Validation with Penetration Testing as a Service (PTaaS) 09/08/2023 at 15:01 By Validate security continuously across your full stack with Pen Testing as a Service. In today’s modern security operations center (SOC), it’s a battle between the defenders and the cybercriminals. Both are using tools and expertise – however, the cybercriminals have the

React to this headline:

Loading spinner

Continuous Security Validation with Penetration Testing as a Service (PTaaS) Read More »

It’s that time of the year again: the trinity of infosec conferences

It’s that time of the year again: the trinity of infosec conferences 09/08/2023 at 13:50 By Iain Thomson A quick guide to Hacker Summer Camp Black Hat  Another year, another Hacker Summer Camp – the collective phrase for BSidesLV, Black Hat, and DEF CON, the infosec conference trinity that traditionally takes place around about this

React to this headline:

Loading spinner

It’s that time of the year again: the trinity of infosec conferences Read More »

Microsoft Releases Patches for 74 New Vulnerabilities in August Update

Microsoft Releases Patches for 74 New Vulnerabilities in August Update 09/08/2023 at 13:49 By Microsoft has patched a total of 74 flaws in its software as part of the company’s Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical and 67 Important security vulnerabilities. Also

React to this headline:

Loading spinner

Microsoft Releases Patches for 74 New Vulnerabilities in August Update Read More »

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks 09/08/2023 at 13:49 By Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it’s introducing a second user setting to turn off

React to this headline:

Loading spinner

New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks Read More »

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons 09/08/2023 at 13:49 By The U.K. Electoral Commission on Tuesday disclosed a “complex” cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. “The incident was

React to this headline:

Loading spinner

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons Read More »

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining 09/08/2023 at 13:01 By Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller

React to this headline:

Loading spinner

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining Read More »

Scroll to Top