-
+5 +1
Vulnerabilities for AI and ML Applications are Skyrocketing
In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development.
-
+33 +1
Number of data breaches falls globally, triples in the US
The Global data breach statistics report comes from Surfshark, which counts every leaked email address used to register for online services as a separate user account.
-
+13 +1
Microsoft update to revoke 9 "private" UEFI modules that could be loaded during SecureBoot
Microsoft is announcing the availability of an update for Windows 8 and Windows Server 2012 that revokes the digital signatures for nine private, third-party UEFI (Unified Extensible Firmware Interface) modules that could be loaded during UEFI Secure Boot. When the update is applied, the affected UEFI modules will no longer be trusted and will no longer load on systems where UEFI Secure Boot is enabled.
-
+7 +1
DirBuster-ng? Timing Attacks to Discover Remote Files
Time is one of the key parameters in a pentester’s work. It can either interfere with security analysis efforts by reminding you about the deadline and an eager client, or help you out when performing...
-
+11 +1
Evaluating SteamOS's security posture (a first look)
Security researchers love the new shiny and whilst some like playing games too, I am not one of those. That being said, I have researched UNIX like OS for a number of years and I’m constantly thrilled by the new uses people find for it. This security evaluation was performed against the beta tree of SteamOS, a new, “open” games platform from the developers at Valve.
-
+20 +2
gnupg vulnerability: RSA key material could be extracted by using the sound generated by the compute
We recommend that you upgrade your gnupg packages.
-
-1 0
Художница и коллекционер. Gladys Roldan De Moras
Блог о живописи, современных художниках и фотографах.
-
+21 +1
Sony Pictures Hacked, All Computers Reportedly Unusable
Reports that Sony Pictures has been hacked have been trickling in this morning, after a thread appeared on Reddit claiming all computers at the company were offline due to a hack.
-
+2 +1
Firefox-Debloat: Stop the Snitching
Firefox has been leaking your data to the likes of Google and other ad based platforms. Firefox-Debloat is a project aiming to take on and stop data leaks!
-
+1 +1
Dot-com da-bomb Verisign fires off a Cloudflare rival
Domain biz offers 'DNS Firewall'
-
Current Event+1 +1
FreeBSD-SA-15:13.tcp Resource exhaustion due to sessions stuck in LAST_ACK state
TCP connections transitioning to the LAST_ACK state can become permanently stuck due to mishandling of protocol state in certain situations, which in turn can lead to accumulated consumption and eventual exhaustion of system resources, such as mbufs and sockets.
-
+13 +2
Firefox Under Fire: Anatomy of latest 0-day attack
The recent Firefox attacks are an example of active in-the-wild exploitation of a serious software vulnerability. On the August 6th, the Mozilla Foundation released a security update for the Firefox web browser that fixes the CVE-2015-4495 vulnerability in Firefox’s embedded PDF viewer, PDF.js. This vulnerability allowed attackers to bypass the same-origin policy and execute JavaScript remotely that will be interpreted in the local file context.
-
+9 +1
Attackers are hijacking critical networking gear from Cisco, company warns
Cisco Systems officials are warning customers of a series of attacks that completely hijack critical networking gear by swapping out the valid ROMMON firmware image with one that's been maliciously altered. The attackers use valid administrator credentials, an indication the attacks are being carried out either by insiders or people who have otherwise managed to get hold of the highly sensitive passwords required to update and make changes to the Cisco hardware.
-
+17 +1
Cloud computing debate
Big companies have embraced the cloud more slowly than expected. Some are holding back because of the cost. Others are wary of entrusting sensitive data to another firm’s servers. Should companies be doing most of their computing in the cloud?
-
+19 +2
Hack Brief: Emergency-Number Hack Bypasses Android Lock Screens
A new lock screen bypass technique requires little more than typing a long string of characters and repeatedly pressing the camera shutter button.
-
-1 +1
Attackers Infect Cisco Routers with "SYNful Knock" Backdoor to Steal Data | Hacked
Security researchers at FireEye have discovered attackers siphoning data from networks by infecting Cisco routers through a backdoor malware.
-
+2 +1
DDoS Mitigation Skills Are In Demand | Incapsula.com
With the number of DDoS attacks on websites on the rise, companies are looking for network and security professionals who can lead in-house DDoS mitigation efforts.
-
+24 +2
Opinion: Why we all have a stake in encryption policy
Rapid advances in technology could soon turn science fiction notions of effortless encryption into a reality. But ensuring that we can trust that technology will take more public vigilance against government and corporate eavesdropping.
-
+20 +2
Your broadband router is not as secure as you think it is
New research has found the firmware that runs most broadband routers is years out of date and riddled with potential security holes.
-
+23 +3
The most common passwords of 2015 are a reminder to up your online security game
At a time when cyber attacks are ever more common, with personal data becoming a commodity, you might imagine that people would have learned their lessons at the expense of nude photo hackings and Ashley Madison data dumping. But as this list of 2015’s most popular passwords goes to show, most of us still like the convenience of something incredibly easy to remember – and even easier to guess.
Submit a link
Start a discussion