Sat. Jul 22, 2023

Crossing the road

Security Boulevard

Last week I spoke for Jersey Cyber Security Centre (CERT.JE) about the changing threats facing us — from the very active offensive cyber campaign forming part of the war in Ukraine, to the emerging threat from AI tools that can be used for harm as well as for good. But the important part of my comments was to show that whilst these cyber threats are real, there are sensible steps we can take to respond — we do not have to bury our heads in the sand and hope for the best.

Multiple DDoS botnets were observed targeting Zyxel devices

Security Affairs

Researchers warn of several DDoS botnets exploiting a critical flaw tracked as CVE-2023-28771 in Zyxel devices. Fortinet FortiGuard Labs researchers warned of multiple DDoS botnets exploiting a vulnerability impacting multiple Zyxel firewalls. The flaw, tracked as CVE-2023-28771 (CVSS score: 9.8), is a command injection issue that could potentially allow an unauthorized attacker to execute arbitrary code on vulnerable devices.

2023 OWASP Top-10 Series: Introduction

Security Boulevard

In early June 2023, OWASP released the final version of the OWASP API Security Top-10 list update. At that time we published a “hot take” on this final version and followed that up with an in-depth look at the new risk ratings for 2023. Today we’re kicking off a multi-post series in which we take […] The post 2023 OWASP Top-10 Series: Introduction appeared first on Wallarm.

Windows 11 23H2 to give you greater control over power consumption

Bleeping Computer

Microsoft is making it easier to see how much energy your apps use in Windows 11 over a given period by introducing a detailed power consumption page in the latest 23H2 update. […]

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

China’s Breach of Microsoft Cloud Email May Expose Deeper Problems

WIRED Threat Level

Plus: Microsoft expands access to premium security features, AI child sexual abuse material is on the rise, and Netflix’s password crackdown has its intended effect.

Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks

Bleeping Computer

Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable to a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day. […]

More Trending

Microsoft force-migrating Windows Mail & Calendar apps to Outlook app in August

Bleeping Computer

Microsoft will retire the Windows Mail and Calendar applications on Windows 10 and Windows 11 at the end of the year, first auto-migrating users to the new Outlook for Windows app in August. […]

Review: Can We Trust the Waterfox Browser? (Updated 2023)

Security Boulevard

Waterfox came into the browser scene in 2011, coming right out of the box with official x64 support (a rarity among browsers at the time) and promoted itself as an "ethical browser." However, many things have changed in the browser landscape, and even the Waterfox project as a whole since 2011. With these changes, can Waterfox be a viable privacy-focused browser?

Windows 11 23H2 getting an energy report with app's power usage

Bleeping Computer

Microsoft is making it easier to see how much energy your apps use in Windows 11 over a given period by introducing a detailed power consumption page in the latest 23H2 update. […]

BSides Sofia 2023 – Victor Bonev – Secure Distroless OCI Images Via YAML

Security Boulevard

Our thanks to BSides Sofia for publishing their presenters’ tremendous BSides Sofia 2023 content on the organization’s YouTube channel. The post BSides Sofia 2023 – Victor Bonev – Secure Distroless OCI Images Via YAML appeared first on Security Boulevard.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Over 15K Citrix servers vulnerable to CVE-2023-3519 RCE attacks

Bleeping Computer

Thousands of Citrix Netscaler ADC and Gateway servers exposed online are vulnerable to attacks exploiting a critical remote code execution (RCE) bug that was previously abused in the wild as a zero-day. […]
