Sat. Jan 14, 2023

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at Capricon, a four-day science fiction convention in Chicago. My talk is on “The Coming AI Hackers” and will be held Friday, February 3 at 1:00 PM. The list is maintained on this page.

Brave browser’s new Snowflake feature helps bypass Tor blocks

Bleeping Computer

Brave Browser version 1.47 was released yesterday, adding the Snowflake extension in the software's settings, enabling users to turn their devices into proxies that help users in censored countries connect to Tor.

Booklist Review of A Hacker’s Mind

Schneier on Security

Booklist reviews A Hacker’s Mind: Author and public-interest security technologist Schneier (Data and Goliath, 2015) defines a “hack” as an activity allowed by a system “that subverts the rules or norms of the system […] at the expense of someone else affected by the system.” In accessing the security of a particular system, technologists such as Schneier look at how it might fail.

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

The Hacker News

A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.0).

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

CircleCI's hack caused by malware stealing engineer's 2FA-backed session

Bleeping Computer

Hackers breached CircleCI in December after an engineer became infected with information-stealing malware that stole the employee's 2FA-backed SSO session, allowing access to the company's internal systems.

Most internet-exposed Cacti servers exposed to hacking

Security Affairs

Most internet-exposed Cacti servers are vulnerable to the critical vulnerability CVE-2022-46169 which is actively exploited in the wild. Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. Researchers from Censys discovered that the majority of internet-exposed Cacti servers are vulnerable to the critical flaw CVE-2022-46169 which is under active exploitation in the wild.

French CNIL fined TikTok $5.4 Million for violating cookie laws

Security Affairs

The French data protection watchdog fined short-form video hosting service TikTok €5 million for breaking cookie consent rules. The Commission nationale de l’informatique et des libertés (CNIL) has fined short-form video hosting service TikTok €5 million (about $5.4 million) for violating cookie consent rules. The French data protection watchdog claims that users are not able to refuse cookies as easily as they accept them; the ByteDance-owned company also failed to sufficiently inform of the

Canada's largest alcohol retailer's site hacked to steal credit cards

Bleeping Computer

The Liquor Control Board of Ontario (LCBO), a Canadian government enterprise and the country's largest beverage alcohol retailer, revealed that unknown attackers had breached its website to inject malicious code designed to steal customer and credit card information at check-out.

Russian Ransomware Gang Attack Destabilizes UK Royal Mail

WIRED Threat Level

Plus: Joe Biden’s classified-documents scandal, the end of security support for Windows 7, and more.

Google Chrome to let you disable or enable extensions per site

Bleeping Computer

Google is working on a new feature that allows you to disable or enable Chrome extensions on a site-by-site basis.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

USENIX Security ’22 – Xiaojie Guo, Ye Han, Zheli Liu, Ding Wang, Yan Jia, Jin Li – ‘Birds of a Feather Flock Together: How Set Bias Helps to Deanonymize You via Revealed Intersection Sizes’

Security Boulevard

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s YouTube channel.