Daniel Miessler
MAY 15, 2023
Introduction Purpose Components Attacks Discussion Summary Introduction This resource is a first thrust at a framework for thinking about how to attack AI systems. At the time of writing, GPT-4 has only been out for a couple of months, and ChatGPT for only 6 months. So things are very early. There has been, of course, much content on attacking pre-ChatGPT AI systems, namely how to attack machine learning implementations.
Bleeping Computer
MAY 31, 2023
Amazon will pay $30 million in fines to settle allegations of privacy violations related to the operation of its Ring video doorbell and Alexa virtual assistant services. [.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
MAY 23, 2023
Generative AI is of particular interest to leaders for the benefits of cost savings, efficiency and effectiveness. The post EY survey: Tech leaders to invest in AI, 5G, cybersecurity, big data, metaverse appeared first on TechRepublic.
Security Boulevard
MAY 2, 2023
PATCH NOW! Oh, wait, you can’t: “You are no longer connected to the internet,” it sneers. The post New Apple ‘Rapid’ Update is Slow, Messy FAIL appeared first on Security Boulevard.
Advertisement
How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.
Duo's Security Blog
MAY 9, 2023
Principal Product Designer Jake Ingman feels lucky that he’s been able to find a role that combines his passion for cybersecurity, design and engineering. Bringing Minnesota nice to a kinder than necessary culture that values design has allowed Ingman to infuse Duo products with empathy while defining his product design career path. If that’s the way you want to innovate, check out our open roles.
CSO Magazine
MAY 5, 2023
Google has announced a new entry-level cybersecurity certificate to teach learners how to identify common risks, threats, and vulnerabilities, as well as the techniques to mitigate them. Designed and taught by Google’s cybersecurity experts, the Google Cybersecurity Certificate aims to prepare learners for entry-level jobs in cybersecurity in less than six months with no prior experience required, create greater opportunities for people around the world, and help fill the growing number of open
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
MAY 31, 2023
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies. [.
Tech Republic Security
MAY 11, 2023
Google adds a Cybersecurity Certificate to its Career Certificates program, which offers paths to such enterprise tech fields as data analytics, IT support and business intelligence. The post Google offers certificate in cybersecurity, no dorm room required appeared first on TechRepublic.
Security Boulevard
MAY 8, 2023
Clock Ticking for U.S. Ban: FT’s Cristina Criddle claims ByteDance spied on her—because she wrote damaging stories about TikTok. The post Knives Out for TikTok as Journo Reveals her Spy Story appeared first on Security Boulevard.
WIRED Threat Level
MAY 22, 2023
In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.
Advertiser: Revenera
In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.
CSO Magazine
MAY 9, 2023
In today’s increasingly hostile environment, every enterprise, be they big or small, should be concerned about cybersecurity and have access to protection from hackers, scammers, phishers, and all the rest of the host of bad actors who seem to be sprouting up around the world. Yet time and again, we see small- and medium-sized businesses (SMBs) left out in the cold, an unaddressed market segment that finds real protection either too expensive or far too complex to adopt.
CyberSecurity Insiders
MAY 1, 2023
Companies that fail to protect their customers’ information are likely to face lawsuits in the year 2023, as impacted customers are no longer willing to tolerate such acts at the expense of their privacy and financial losses. This legal turn is supported by a study conducted by BakerHostetler, which confirms that lawsuits against companies that suffer data breaches are becoming more common and may increase by the end of this year.
Bleeping Computer
MAY 28, 2023
A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files. [.
Tech Republic Security
MAY 12, 2023
Someone who gains physical access to an iPhone or Android phone could use the Phone Link app to spy on the user’s text messages, phone calls and notifications, says Certo. The post How cyberstalkers could access your iPhone using the Windows Phone Link app appeared first on TechRepublic.
Advertisement
The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.
Security Boulevard
MAY 19, 2023
Om Nom Nom Nom Nom: Privacy Sandbox inching towards reality. But concerns remain. The post Google Chrome 3rd Party Cookies Crumbling — Finally! appeared first on Security Boulevard.
Dark Reading
MAY 10, 2023
While Intel is still investigating the incident, the security industry is bracing itself for years of potential firmware insecurity if the keys indeed were exposed.
CSO Magazine
MAY 17, 2023
As digital transactions with customers, employees, suppliers, and other stakeholders grow, digital trustworthiness is set to become one of the most important enterprise-wide initiatives with the biggest potential impact (both negative and positive), even though it often has the smallest budget allocation. “Organizations are focusing on security and privacy, but if your customers don’t trust you, they will go elsewhere,” says Mark Thomas president of Escoute Consulting, which specializes in compl
CyberSecurity Insiders
MAY 17, 2023
by John Spiegel, Director of Strategy, Axis Security Gartner just released the 2023 version of their “Magic Quadrant” for Secure Service Edge or SSE. Cheers are being heard from the companies who scored upper righthand and jeers being shouted for those companies who did not enjoy where they landed on Gartner’s matrix. Over the next few months, there will be a lot of noise coming from all the vendors.
Speaker: Blackberry, OSS Consultants, & Revenera
Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?
Bleeping Computer
MAY 24, 2023
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie Consent Banner with more than 40,000 active installs. [.
Tech Republic Security
MAY 22, 2023
A new Linux Foundation report finds that the global focus is on cloud/containers, cybersecurity and AI/ML skills, and that upskilling is key. The post Report: More organizations still plan to increase their tech staff appeared first on TechRepublic.
Security Boulevard
MAY 16, 2023
Insecure applications come with a cost that can be measured in billions of dollars of losses. I recently spoke with Brook Schoenfield, a distinguished engineer who quietly describes himself as an “Elder AppSec Diplomat,” on the eve of the RSA Conference. Schoenfield is the quintessential walking, talking go-to resource on anything involved with application security.
We Live Security
MAY 31, 2023
A roundup of some of the handiest tools for the collection and analysis of publicly available data from Twitter, Facebook and other social media platforms The post 5 free OSINT tools for social media appeared first on WeLiveSecurity
Speaker: Erika R. Bales, Esq.
When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.
InfoWorld on Security
MAY 30, 2023
It’s late on a Friday. You get a call from your CIO that data has been removed from XYZ public cloud server, and they need it back ASAP. It gets worse. First, there is no current backup copy of the data. The backups you expected your cloud provider to perform on your behalf only include the provider’s core system backups. That means it’s functionally unusable.
CyberSecurity Insiders
MAY 30, 2023
By Motti Elloul, VP Customer Success and Incident Response, Perception Point Email phishing scams are nothing new. But they are growing increasingly prevalent and sophisticated – over 3 billion phishing emails are sent every day, and the tactics used to disguise them are only growing more devious. One case in point: the Incident Response team from our company, Perception Point, recently discovered a new phishing campaign that uses HTML files to conceal malicious scripts, duping unsuspecting user
Bleeping Computer
MAY 21, 2023
Researchers at Tencent Labs and Zhejiang University have presented a new attack called 'BrutePrint,' which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device. [.
Tech Republic Security
MAY 17, 2023
Get technical details about how the cybercriminals are targeting this vulnerability, who is impacted, and how to detect and protect against this security threat. The post PaperCut vulnerability abused by several threat actors could impact 70,000 organizations appeared first on TechRepublic.
Speaker: William Hord, Vice President of ERM Services
A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.
Duo's Security Blog
MAY 16, 2023
What do Duo and the Guardians of the Galaxy have in common? They’re superheroes who save their galaxies from unexpected threats. Tech smarts and teamwork are critical to superhero-level protection, no matter what threats you’re facing. How do you protect your galaxy against cyber attacks? In Marvel Studios’ Guardians of the Galaxy Vol. 3, Groot is locked and loaded with bigger and more advanced skills, Mantis has opened up and embraced her powers to help protect her family, and Nebula has brand-
Google Security
MAY 26, 2023
Vincent Winstead, Technical Program Manager It’s Google CTF time! Get your hacking toolbox ready and prepare your caffeine for rapid intake. The competition kicks off on June 23 2023 6:00 PM UTC and runs through June 25 2023 6:00 PM UTC. Registration is now open at g.co/ctf. Google CTF gives you a chance to challenge your skillz, show off your hacktastic abilities, and learn some new tricks along the way.
Dark Reading
MAY 18, 2023
Cybercrime group that often uses smishing for initial access bypassed traditional OS targeting and evasion techniques to directly gain access to the cloud.
CyberSecurity Insiders
MAY 3, 2023
By: Craig Debban , Chief Information Security Officer, QuSecure, Inc. As you may have noticed, daily headlines around quantum computing and its impact on technologies are becoming commonplace. This is driven by the fact that quantum computers will be able to perform certain types of calculations much faster than the classical computers we all use today.
Advertisement
Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.
Expert insights. Personalized for you.
364 
Let's personalize your content