Sat. Jan 21, 2023

Publisher’s Weekly Review of A Hacker’s Mind

Schneier on Security

Publisher’s Weekly reviewed A Hacker’s Mind—and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (Click Here to Kill Everybody) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing wea

Hacking 186

Hackers now use Microsoft OneNote attachments to spread malware

Bleeping Computer

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets.

Malware 135

Leaking company secrets via generative AIs like ChatGPT

Security Boulevard

For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable. The post Leaking company secrets via generative AIs like ChatGPT appeared first on Security Boulevard.

Riot Games hacked, delays game patches after security breach

Bleeping Computer

Riot Games, the video game developer and publisher behind League of Legends and Valorant, says it will delay game patches after its development environment was compromised.

Hacking 104

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Around 19,500 end-of-life Cisco routers are exposed to hack

Security Affairs

Researchers warn of about 19,500 end-of-life Cisco VPN routers on the Internet that are exposed to the recently disclosed RCE exploit chain. Cisco recently warned of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security updates to address the bug because they have reached end of life (EoL).

Hacking 97

Preparing for FedRAMP Certification and Authorization

Security Boulevard

FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. Commercial cloud service providers wanting to sell their services to US Federal Agencies, their contractors or suppliers that are part of the […] The post Preparing for FedRAMP Certification and Authorization appeared first on Security Boulevard.

More Trending

Massive ad-fraud op dismantled after hitting millions of iOS devices

Bleeping Computer

A massive ad fraud operation dubbed 'Vastflux' that spoofed more than 1,700 applications from 120 publishers, mostly for iOS, has been disrupted by security researchers at cybersecurity company HUMAN.

The Biggest US Surveillance Program You Didn’t Know About

WIRED Threat Level

Plus: A leaked US “no fly” list, the SCOTUS leaker slips investigators, and PayPal gets stuffed.

USENIX Security ’22 – Anunay Kulshrestha, Jonathan Mayer – ‘Estimating Incidental Collection In Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union And Sum’

Security Boulevard

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel. The post USENIX Security ’22 – Anunay Kulshrestha, Jonathan Mayer – ‘Estimating Incidental Collection In Foreign Intelligence Surveillance: Large-Scale Multiparty Private Set Intersection with Union And Sum’ appeared first on Security Boulevard.

Publisher’s Weekly Review of A Hacker’s Mind

Security Boulevard

Publisher’s Weekly reviewed A Hacker’s Mind—and it’s a starred review! “Hacking is something that the rich and powerful do, something that reinforces existing power structures,” contends security technologist Schneier (Click Here to Kill Everybody) in this excellent survey of exploitation. Taking a broad understanding of hacking as an “activity allowed by the system that subverts the… system,” Schneier draws on his background analyzing weaknesses in cybersecurity to examine how those with pow

Hacking 52

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.