Troy Hunt
DECEMBER 11, 2021
Geez, I'm a bit orange today! I think mucking around with the (excepti0nally cool!) moon lamp towards the beginning of this video threw the colours off a bit. In the past, I'd turn on the auto white balance lock and things would stay steady, but since I put up the Elgato key lamps and the colour has been so steady, I've kind of just let it go.
Bleeping Computer
DECEMBER 11, 2021
Amazon has published a post-event summary to shed some light on the root cause behind this week's massive AWS outage that took down a long list of high-profile sites and online services, including Ring, Netflix, Amazon Prime Video, and Roku. [.].
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Boulevard
DECEMBER 11, 2021
It doesn’t get much worse than this, at least according to cybersecurity experts. The RCE bug currently being actively exploited in the widely used Apache Log4j promises to leave a trail of damage and destruction in its wake, even for those who quickly take action against it. “This is a worst-case scenario. The combination of. The post Apache Log4j Threatens, Well, Everything appeared first on Security Boulevard.
Bleeping Computer
DECEMBER 11, 2021
As QBot campaigns increase in size and frequency, researchers are looking into ways to break the trojan's distribution chain and tackle the threat. [.].
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Security Boulevard
DECEMBER 11, 2021
Log4Shell : JNDI Injection via Attackable Log4J. Apache log4j2 is one of the most widely utilized logging library in the Java ecosystem. Many applications depend on log4j that include and are not limited to VMware, Apple, Twitter, Minecraft to plethora of open-source projects like Apache Solr, Apache Druid, and many more. On November 30, 2021 , the Apache log4j2 team became aware of a bug that would allow injection of malicious input that could allow for remote code execution.
Security Affairs
DECEMBER 11, 2021
Vulnerabilities in the Western Digital SanDisk SecureAccess can be exploited to access user data through brute force and dictionary attacks. Western Digital has released updates for its SanDisk SecureAccess software to fix multiple vulnerabilities that can be exploited to access user data by carrying out brute force and dictionary attacks. The SanDisk SecureAccess software, now rebranded SanDisk PrivateAccess, allows storing and protecting critical and sensitive files on SanDisk USB flash drives
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Security Affairs
DECEMBER 11, 2021
Cybereason researchers released a “vaccine” that mitigates the critical ‘Log4Shell’ Apache Log4j code execution vulnerability. Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 ( aka Log4Shell ), in the Apache Log4j Java-based logging library.
Security Boulevard
DECEMBER 11, 2021
Our thanks to BSidesKC for publishing their outstanding BSidesKC 2021 videos on the Conferences’ YouTube channel. Permalink. The post BSidesKC 2021 – Jacob Torrey’s ‘Playing Games With Chimaras’ appeared first on Security Boulevard.
Security Affairs
DECEMBER 11, 2021
Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. Accenture researchers detailed the activity of a sophisticated financially motivated threat actor called Karakurt. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group and karakurt[.]tech, while in August the group registered a Twit
Security Boulevard
DECEMBER 11, 2021
If you are reading this than I assume you have already heard about CVE-2021-44228, the Remote Code Execution (RCE) vulnerability affecting Apache Log4j, the Java logging library much of the internet uses on their web servers. While many blogs and comments have posted methods to determine if your web servers / websites are vulnerabe, there…. The post Log4j Exploit Detection (CVE-2021-44228) appeared first on Infocyte.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
WIRED Threat Level
DECEMBER 11, 2021
Plus: Bluetooth security, a Brazil hack, and more of the week's top security news.
Security Boulevard
DECEMBER 11, 2021
via the comic artistry and dry wit of Randall Munroe , resident at XKCD ! Permalink. The post XKCD ‘The Last Molecule’ appeared first on Security Boulevard.
CyberSecurity Insiders
DECEMBER 11, 2021
SAN FRANCISCO–( BUSINESS WIRE )– Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced it is partnering with leading cyber insurance companies to help businesses manage their risks online. Eligible Cloudflare customers can qualify for discounts or other added benefits from insurance providers like At-Bay, Coalition, and Cowbell Cyber for using Cloudflare to protect any of their websites, applications, empl
Security Boulevard
DECEMBER 11, 2021
Our thanks to BSidesKC for publishing their outstanding BSidesKC 2021 videos on the Conferences’ YouTube channel. Permalink. The post BSidesKC 2021 – Jered Bare’s ‘Building A CULTure Of Security: How To Utilize Guilds To Scale Security When Your Resources Are Nil’ appeared first on Security Boulevard.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
CyberSecurity Insiders
DECEMBER 11, 2021
PALO ALTO, Calif.–( BUSINESS WIRE )– CyCognito , today announced that its external attack surface management and attack surface protection solutions are now available in AWS Marketplace , a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services, Inc.
CyberSecurity Insiders
DECEMBER 11, 2021
A surge of organizations are moving their operations to the cloud for the benefits of improved efficiency, better scalability and faster deployment. But with the wave of migration to the cloud come more threats than ever before. The cloud is giving bad actors a more expansive set of targets, as well as new tools to conduct attacks, says Or Azarzar, Co-founder and CTO of Lightspin, in an article in Dark Reading.
CyberSecurity Insiders
DECEMBER 11, 2021
When it comes time to decommission data storage systems, there is much that must be planned and thoroughly carried out. It’s not just about the activity, it is also about due diligence, oversight, and proof. Data that appears to have been deleted is often still recoverable, and in many cases, people make mistakes, such as forgetting a second backup exists somewhere else, or forgetting to verify that a destruction has been successfully and completely deployed.
Expert insights. Personalized for you.
220 
Let's personalize your content