Sun. Jun 16, 2024

Midyear Check-In: Top Cybersecurity Predictions for 2024

Lohrman on Security

It’s been six months since I released the Top 24 Security Predictions for 2024, so which predictions are on track and which seem off base — so far? And what’s new as we hit the halfway point in the year?

Weekly Update 404

Troy Hunt

What a week! The NDC opening keynote and 3D printing talk both went off beautifully, the latter being the first time for 11-year-old Elle on stage: And the pro shots are really cool 😎 pic.twitter.com/ud7ad0pF1x — Troy Hunt (@troyhunt) June 15, 2024 Videos of both will be available in the coming weeks so stay tuned for them. For now, we're at the end of a mostly cold and rainy Norwegian summer trip, heading to the sunny Greek isles for next week's update 😎 Referen

D-Link Routers Exposed: Critical Backdoor Vulnerability Discovered (CVE-2024-6045)

Penetration Testing

Taiwan’s CERT (Computer Emergency Response Team) has issued a critical security advisory regarding a high-severity vulnerability (CVE-2024-6045) affecting numerous models of D-Link wireless routers. The vulnerability, stemming from an undisclosed factory testing backdoor, could... The post D-Link Routers Exposed: Critical Backdoor Vulnerability Discovered (CVE-2024-6045) appeared first on Cybersecurity News.

USENIX Security ’23 – We Really Need to Talk About Session Tickets: A Large-Scale Analysis of Cryptographic Dangers with TLS Session Tickets

Security Boulevard

Authors/Presenters: Sven Hebrok, Simon Nachtigall, Marcel Maehren, Nurullah Erinola, Robert Merget, Juraj Somorovsky, Jörg Schwenk. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization's strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization's YouTube channel.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Critical Security Vulnerability CVE-2024-3912 (CVSS 9.8) Hits ASUS Routers

Penetration Testing

Taiwan’s CERT has issued a critical security alert regarding a severe vulnerability (CVE-2024-3912) found in multiple ASUS router models. The flaw, discovered by security researcher Carlos Köpke, allows remote attackers to execute commands on... The post Critical Security Vulnerability CVE-2024-3912 (CVSS 9.8) Hits ASUS Routers appeared first on Cybersecurity News.

New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems

Bleeping Computer

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension (MTE) to leak data with over a 95% chance of success, allowing hackers to bypass the security feature.

More Trending

The Seven Things You Need to Know About Cyber Insurance

Security Boulevard

Cyber insurance and cybersecurity, when combined, can provide a powerful combination of protection and risk management. The post The Seven Things You Need to Know About Cyber Insurance appeared first on Security Boulevard.

Zero Trust Policy

Tech Republic Security

The concept of zero trust implies organizations must work under a constant worst-case scenario. This means assuming breaches are inevitable and that no entity or users — coming from within or from outside the organization — should ever be trusted. This “never trust, always verify” approach significantly reduces the attack surface and minimizes the potential.

How to Spot a Business Email Compromise Scam

WIRED Threat Level

In this common email scam, a criminal pretending to be your boss or coworker emails you asking for a favor involving money. Here's what to do when a bad actor lands in your inbox.

Hackers Exploit Legitimate Websites to Deliver BadSpace Windows Backdoor

The Hacker News

Legitimate-but-compromised websites are being used as a conduit to deliver a Windows backdoor dubbed BadSpace under the guise of fake browser updates.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. London hospitals canceled over 800 operations in the week after Synnovis ransomware attack DORA Compliance Strategy for Business Leaders City of Cleveland still working to fully restore systems impacted by a cyber attack Two Ukrainians accused of

NiceRAT Malware Targets South Korean Users via Cracked Software

The Hacker News

Threat actors have been observed deploying a malware called NiceRAT to co-opt infected devices into a botnet. The attacks, which target South Korean users, are designed to propagate the malware under the guise of cracked software, such as Microsoft Windows, or tools that purport to offer license verification for Microsoft Office.

ASUS Issues Critical Security Update for Router Vulnerability CVE-2024-3080 (CVSS 9.8)

Penetration Testing

ASUS has released an urgent firmware update to address a critical security vulnerability affecting seven of its router models. The flaw, tracked as CVE-2024-3080 with a CVSS v3.1 score of 9.8, allows unauthenticated remote... The post ASUS Issues Critical Security Update for Router Vulnerability CVE-2024-3080 (CVSS 9.8) appeared first on Cybersecurity News.

Let Slip the Robot Dogs of War

WIRED Threat Level

The United States and China appear locked in a race to weaponize four-legged robots for military applications.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Linux Malware DISGOMOJI Targets Indian Officials

Penetration Testing

Cybersecurity firm Volexity has revealed a new cyber-espionage campaign targeting Indian government entities, employing a custom-built malware dubbed DISGOMOJI. This Linux-based malware, a modified version of the open-source project discord-c2, leverages the Discord messaging... The post Linux Malware DISGOMOJI Targets Indian Officials appeared first on Cybersecurity News.

How we differentiate ARMO Platform from Open Source Kubescape

Security Boulevard

In this blog post we will be discussing how we differentiate ARMO Platform from Open Source Kubescape. The post How we differentiate ARMO Platform from Open Source Kubescape appeared first on ARMO. The post How we differentiate ARMO Platform from Open Source Kubescape appeared first on Security Boulevard.

New Cryptojacking Campaign Targets Exposed Docker APIs

Penetration Testing

Datadog Security Labs has published a comprehensive analysis of a new cryptojacking campaign that specifically targets publicly exposed Docker Engine hosts. This campaign, suspected to be an evolution of the previously identified Spinning YARN... The post New Cryptojacking Campaign Targets Exposed Docker APIs appeared first on Cybersecurity News.

What is Identity Threat Detection And Response (ITDR)

Security Boulevard

Identity Threat Detection and Response (ITDR) is a framework that focuses on protecting your organization from being compromised by threat actors exploiting your organization’s identities. Practically, ITDR solutions include system policies, best practices, and effective tools to monitor, detect, and respond to identity-based threats in real-time across an organization’s environments.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

SolarMarker Impersonates Indeed to Spread Malware

Penetration Testing

Recently, eSentire’s Threat Response Unit (TRU) has uncovered a new campaign by the SolarMarker threat group, which involves the impersonation of the global employment website Indeed. This latest attack utilizes a team-building-themed lure to... The post SolarMarker Impersonates Indeed to Spread Malware appeared first on Cybersecurity News.

Can governments turn AI safety talk into action?

Zero Day

Industry players and governments discuss guardrails for AI, but aren't deploying them. Here's what's missing.

New Cybercrime Wave: UNC3944 Exploits SaaS Vulnerabilities

Penetration Testing

Mandiant, a renowned cybersecurity firm, has issued a warning about the evolving tactics of the financially motivated threat group UNC3944. This group, previously associated with ransomware attacks, has shifted its focus to data theft... The post New Cybercrime Wave: UNC3944 Exploits SaaS Vulnerabilities appeared first on Cybersecurity News.

BlastRADIUS Vulnerability: Critical Flaw in RADIUS Protocol Exposes Networks to Attack

Penetration Testing

A newly identified vulnerability, dubbed “BlastRADIUS,” has been uncovered in the RADIUS protocol, posing a critical risk to network security. Researchers from the University of California, San Diego, have published a practical exploit for... The post BlastRADIUS Vulnerability: Critical Flaw in RADIUS Protocol Exposes Networks to Attack appeared first on Cybersecurity News.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

CVE-2024-3105 (CVSS 9.9) in Woody Code Snippets Plugin Threatens 70,000+ WordPress Sites

Penetration Testing

A critical security vulnerability has been discovered in the Woody Code Snippets plugin for WordPress, a popular tool used by over 70,000 websites to create and manage code snippets. The flaw, identified as CVE-2024-3105,... The post CVE-2024-3105 (CVSS 9.9) in Woody Code Snippets Plugin Threatens 70,000+ WordPress Sites appeared first on Cybersecurity News.

BlastRADIUS Vulnerability (CVE-2024-3596): Flaw in RADIUS Protocol Exposes Networks to Attack

Penetration Testing

A newly identified vulnerability (CVE-2024-3596), dubbed “BlastRADIUS,” has been uncovered in the RADIUS protocol, posing a critical risk to network security. Researchers from the University of California, San Diego, have published a practical exploit... The post BlastRADIUS Vulnerability (CVE-2024-3596): Flaw in RADIUS Protocol Exposes Networks to Attack appeared first on Cybersecurity News.