Troy Hunt

JUNE 21, 2025

Moving on, it's been a ridiculously hectic week of bacb-to-back events then to top it off, we've bee dealing with crazy traffic volumes on HIBP: Well, that explains the traffic: 2.46M visitors to Have I Been Pwned in 24 hours, mostly from Google searches. obviously this story got huge traction, let's see what the data says)

Media 190

Media Passwords Accountability 190

Joseph Steinberg

MARCH 24, 2025

In addition, Steinberg will discuss recent events, and explore how various government attempts to protect consumers have proven counterproductive worsening our collective cybersecurity posture instead of improving it and how governments can better keep us safe from cybercriminals.

Artificial Intelligence 130

Artificial Intelligence Cybersecurity Data breaches Government 130

Troy Hunt

MARCH 30, 2025

I've no doubt whatsoever this is a net-positive event that will do way more good than harm. I saw a lot of "if it can happen to Troy, it can happen to anyone" sort of commentary and whilst it feels a bit of obnoxious for me to be saying it that way, I appreciate the sentiment and the awareness it drives.

Phishing 243

Phishing Data breaches Scams 243

Troy Hunt

FEBRUARY 25, 2025

Plus, I spent from then until now in Sydney at various meetings and events which was great, but didn't do a lot for my productivity. Yeah, so that didn't stop, and the stealer log processing and new feature building just absolutely swamped me.

190

190

The Last Watchdog

NOVEMBER 12, 2024

Scott Kannry , CEO, Axio Kannry The SEC is serious about companies disclosing the details of an event if it is relevant to investors. Jim Routh, Chief Trust Officer, Saviynt Routh These events represent a clear shift in the regulatory landscape. Want to stay out of trouble?

CISO 263

CISO CSO Risk Cyber threats 263

Schneier on Security

SEPTEMBER 14, 2024

The event runs from September 24 through 26, 2024, and my keynote is at 8:45 AM ET on the 24th. The event will be held on October 22 and 23, 2024, and my talk is at 9:15 AM ET on October 22, 2024. This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA.

286

286

Security Affairs

NOVEMBER 11, 2024

Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon. Exposed data did not include Social Security numbers or financial information.

Data breaches 128

Data breaches Hacking Technology Ransomware 128

The Hacker News

MAY 15, 2025

This campaign employs clever Unicode-based steganography to hide its initial malicious code and utilizes a Google Calendar event short link as a dynamic dropper for its final

Cybersecurity 121

Cybersecurity 121

Adam Shostack

JANUARY 2, 2025

[A] large number of commenters expressed concern about the aggregation requirement, saying, for example, that companies experience too many events to realistically communicate internally upward to senior management, and that retaining and analyzing data on past events would be too costly.

Cybersecurity 130

Cybersecurity Marketing Information Security 130

Schneier on Security

JANUARY 8, 2024

The event is like that; the format results in a firehose of interesting. It’s a two-day event. This is important for an interdisciplinary event. The final piece of the workshop is the social events. And even though a shorter event would be easier to deal with, the numbers all fit together in a way that’s hard to change.

Technology 305

Technology 305

Schneier on Security

JUNE 14, 2024

The event will also be available via Zoom. I’m speaking at the TEDxBillings Democracy Event in Billings, Montana, USA, on July 19, 2024. I’m speaking on “Reimagining Democracy in the Age of AI” at the Bozeman Library in Bozeman, Montana, USA, July 18, 2024. The list is maintained on this page.

305

305

Security Affairs

OCTOBER 10, 2024

The Mongolian Skimmer captures final data entries using the beforeunload event, ensures cross-browser compatibility with various event-handling techniques, and employs anti-debugging tactics by monitoring formatting changes to detect and evade debugging attempts.

Data collection 129

Data collection Engineering Malware Hacking 129

Security Affairs

OCTOBER 24, 2024

On day two of Pwn2Own Ireland 2024 , hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have sum to the $516,250 earned by participants on the first day of the event. ” reads the announcement published by ZDI.

Hacking 130

Hacking Information Security 130

Schneier on Security

JULY 14, 2024

The event will also be available via Zoom. I’m speaking at the TEDxBillings Democracy Event in Billings, Montana, USA, on July 19, 2024. The list is maintained on this page.

260

260

Adam Shostack

JANUARY 28, 2025

Building on our recent paper about pandemic-scale cyber events , we submitted 14 recommendations to further improve the plan. Our comments on the National Cyber Incident Plan Josiah Dykstra and I have some comments on the National Cyber Incident Response Plan updates.

Government 147

Government 147

Schneier on Security

AUGUST 14, 2024

The event runs from September 24 through 26, 2024, and my keynote is on the 24th. This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The list is maintained on this page.

294

294

The Hacker News

JUNE 20, 2025

When retail giant Marks & Spencer experienced a security event over Easter weekend, they were forced to shut down their online operations, which account for Threat actors prefer to target businesses during off-hours. That’s when they can count on fewer security personnel monitoring systems, delaying response and remediation.

Retail 109

Retail Accountability 109

Adam Shostack

JANUARY 2, 2025

Enjoy the events. The lack of authentication of base stations is apparently a.feature. thats never going to be fixed. Now, theres another way to interpret this, which is to put your devices in airplane mode or a Faraday cage, and thats not awful advice. Disconnect. Be present. Talk to the people around you.

Media 246

Media Authentication Malware 246

Adam Shostack

JANUARY 2, 2025

How should we think about the risk of a unique event? Note that this isnt a coin flip, where we can measure across many events, and use those flips to test our theories. In fact, as the book Against the Gods discusses, folks like Pascal and Fermat had an extended conversation about the interrupted game problem. Consider the Sky Crane.

Risk 130

Risk Insurance Engineering Marketing 130

SecureList

JANUARY 31, 2025

Such changes can be tracked using event 5136 , which is generated whenever an AD object is modified. This is necessary so that when checking for GPO updates, the client can detect that there is a newer version than the one in the cache and download the modified policy.

System Administration 115

System Administration Ransomware Malware Technology 115

Security Boulevard

DECEMBER 17, 2024

CrowdStrike and Salt Security have extended their alliance to make it simpler to feed application programming interface (API) security data directly into a security information event management (SIEM) platform. The post CrowdStrike Allies With Salt Security to Improve API Security appeared first on Security Boulevard.

Security Awareness 114

Security Awareness Cybersecurity 114

Security Affairs

OCTOBER 30, 2024

” FakeCall relies on the Monitoring Dialer Activity service to monitor events from the com.skt.prod.dialer package (the stock dialer app), potentially allowing it to detect when the user is attempting to make calls using apps other than the malware itself. Upon detecting specific events (e.g.,

Banking 134

Banking Malware Accountability Phishing 134

Security Affairs

JUNE 23, 2025

Resecurity (USA) identified the threat actors associated with the “ Cyber Fattah ” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of the major sports events in the Kingdom.

Hacking 87

Hacking Banking Media Government 87

Penetration Testing

APRIL 6, 2025

A security researcher has recently disclosed technical details and proof-of-concept (PoC) exploit code for a vulnerability in the Linux kernel’s Performance Events system component. This flaw, identified as CVE-2023-6931, carries a CVSS score of 7.8, indicating a high severity risk.

Risk 105

Risk Cybersecurity 105

Joseph Steinberg

APRIL 7, 2025

And, of course, all versions of Cybersecurity For Dummies also help guide people to recovering in the event that their computers, phones, or information has already been compromised.

Cybersecurity 187

Cybersecurity Artificial Intelligence Backups Encryption 187

Security Affairs

JANUARY 2, 2025

” DoubleClickjacking exploits timing differences between mousedown and onclick events to hijack user actions. “By exploiting the event timing between clicks, attackers can seamlessly swap out benign UI elements for sensitive ones in the blink of an eye. ” concludes the post.

Accountability 120

Accountability Authentication Hacking Information Security 120

Google Security

MARCH 7, 2025

Between these two events, our bug hunters were rewarded $370,000 (and plenty of swag). Follow the Google VRP channel on X to stay tuned on future events. This year, we had a heightened focus on Android Automotive OS and WearOS, bringing actual automotive devices to multiple live hacking events and conferences. for $50,000 .

Mobile 103

Mobile Hacking Engineering Technology 103

Zero Day

MAY 23, 2025

Many new gadgets and products debuted at the world's biggest computing event, but these stood out to me the most.

104

104

Krebs on Security

SEPTEMBER 18, 2024

Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook. Apkdownloadweb has a Facebook page , which shows a number of “live video” teasers for sports events that have already happened, and says its domain is apkdownloadweb[.]com. net for DNS.

Scams 64

Scams DNS Internet Internet 64

Schneier on Security

DECEMBER 27, 2023

No passcode fallback is available in the event that the user is unable to complete Face ID or Touch ID authentication. For especially sensitive actions, including changing the password of the Apple ID account associated with the iPhone, the feature adds a security delay on top of biometric authentication.

Authentication 342

Authentication Passwords Accountability 342

Security Boulevard

JUNE 7, 2025

Originating from the conference’s events located at the Hilton Berlin ; and via the organizations YouTube channel. Authors/Presenters: Daniel Klischies and David Hirsch Our sincere appreciation to OffensiveCon by Binary Gecko , and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content.

Penetration Testing 91

Penetration Testing Education Cybersecurity 91

Adam Shostack

JUNE 2, 2025

That led the keyboard to trigger a key send event via Bluetooth. (How exactly, the Empire knows that it was Lonni that read it is not clear, but I assume its surviellance cameras, etc.) Normally, it would be interferingly pedantic to trace through Dedra pressed a key, causing a connection on a keyboard.

Risk 230

Risk Accountability Cybersecurity 230

Security Affairs

JANUARY 5, 2025

The backdoor can drop additional payloads, block input, clear event logs, wipe clipboard, delete browser data, and erase profiles for apps like Skype and Telegram. Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware 132

Malware Encryption Phishing Hacking 132

Troy Hunt

SEPTEMBER 17, 2024

That she was able to do that and teach a room full of hundreds of technology professionals things they almost certainly hadn't seen before makes it all the more remarkable, and I'm very happy to now share the full video from that event in June with you all: If you watch nothing else in this video, fast forward through to the 55-minute mark (..)

Technology 310

Technology 310

Joseph Steinberg

JULY 23, 2024

During this webinar, you will learn how this global outage happened, what other security risks may be on the horizon, what lessons we can all learn from recent events, and what individuals, businesses, and governments can do to avoid similar disasters in the future.

Artificial Intelligence 286

Artificial Intelligence Cybersecurity Government Technology 286

Schneier on Security

JULY 24, 2024

“NEO carries an onboard computer and antenna array that will allow officers the ability to create a ‘denial-of-service’ (DoS) event to disable ‘Internet of Things’ devices that could potentially cause harm while entry is made.” ” Slashdot thread.

Internet 332

Internet Internet Computers and Electronics Media 332

Troy Hunt

MARCH 8, 2025

That was a seriously weird week with lots of build-up to an event that last occurred before I was born. We survived the cyclone! It'd been 50 years since a cyclone came this far south, and the media was full of alarming predictions of destruction. In the end, we maxed out at 52kts just after I recorded this video: It’s here.

Phishing 177

Phishing Media 177