Category: SecurityNews
-
ARTEMIS: Adaptive Bitrate Ladder Optimization for Live Video Streaming
Authors/Presenters:Farzad Tashtarian, Abdelhak Bentaleb, Hadi Amirpour, Sergey Gorinsky, Junchen Jiang, Hermann Hellwagner, Christian Timmerer Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI ’24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s…
-
How modern IAM can mitigate risk
First seen on scworld.com Jump to article: www.scworld.com/resource/how-modern-iam-can-mitigate-risk
-
Phishing attacks armed with AI capabilities are on the rise
First seen on scworld.com Jump to article: www.scworld.com/news/phishing-attacks-armed-with-ai-capabilities-are-on-the-rise
-
Security Update: IBM X-Force Shows Hackers Using BEC to Steal Cloud Creds
First seen on scworld.com Jump to article: www.scworld.com/news/security-update-ibm-x-force-shows-hackers-using-bec-to-steal-cloud-creds
-
MedusaLocker ransomware variant paired with ‘paid_memes’ toolkit
Tags: ransomwareFirst seen on scworld.com Jump to article: www.scworld.com/news/medusalocker-ransomware-variant-paired-with-paid_memes-toolkit
-
Less haste more speed will win Labour the race to fix 21st-century Britain
Rebuilding existing infrastructure is key for the government rather than rushed policymaking for new projects There is an air of panic about how to fix Britain. We need to move quickly, shift the dial and jump up the rankings of rich countries. Investment is needed in new stuff to make the UK modern and its…
-
Linux-Malware Perfctl befällt offenbar schon seit Jahren Linux-Server
Eine ausgeklügelte Malware befällt massenweise Linux-Server mit falschen Konfigurationen. Das blieb lange unentdeckt, auch wegen der guten Tarnung. First seen on heise.de Jump to article: www.heise.de/news/Perfectl-Linux-Malware-laesst-Server-heimlich-Kryptomining-und-mehr-ausfuehren-9963118.html
-
Linux-Malware Perfectl befällt offenbar schon seit Jahren Linux-Server
Eine ausgeklügelte Malware befällt massenweise Linux-Server mit falschen Konfigurationen. Das blieb lange unentdeckt, auch wegen der guten Tarnung. First seen on heise.de Jump to article: www.heise.de/news/Perfectl-Linux-Malware-laesst-Server-heimlich-Kryptomining-und-mehr-ausfuehren-9963118.html
-
WordPress LiteSpeed Cache plugin flaw could allow site takeover
A high-severity flaw in the WordPress LiteSpeed Cache plugin could allow attackers to execute arbitrary JavaScript code under certain conditions. A high-severity security flaw, tracked as CVE-2024-47374 (CVSS score 7.2), in the LiteSpeed Cache plugin for WordPress could allow attackers to execute arbitrary JavaScript. The vulnerability is a stored cross-site scripting (XSS) issue impacting versions…
-
Stealthy Malware Has Infected Thousands of Linux Systems for Years
Perfctl malware is hard to detect, persists after reboots, and can perform a breadth of malicious activities. First seen on wired.com Jump to article: www.wired.com/story/perfctl-stealthy-malware-infected-linux-systems/
-
Perfectl: Linux-Malware lässt Server heimlich Kryptomining und mehr ausführen
Eine ausgeklügelte Malware befällt massenweise Linux-Server mit falschen Konfigurationen. Das blieb lange unentdeckt, auch wegen der guten Tarnung. First seen on heise.de Jump to article: www.heise.de/news/Perfectl-Linux-Malware-laesst-Server-heimlich-Kryptomining-und-mehr-ausfuehren-9963118.html
-
Dutch Police Hacked, 63,000 Officers’ Details Exposed
A foreign government is believed to have hacked into the Dutch police force’s systems, exposing the contact details… First seen on hackread.com Jump to article: hackread.com/dutch-police-hacked-officers-details-exposed/
-
China-Hacker angeblich in TKÜ-Systeme der USA eingedrungen
Es wäre ein schwerer Schlag für die US-Sicherheitsbehörden. Die Abhörsysteme mehrerer Telekomprovider sollen gehackt worden sein. First seen on golem.de Jump to article: www.golem.de/news/security-china-hacker-angeblich-in-tkue-systeme-der-usa-eingedrungen-2410-189539.html
-
The FBI Still Hasn’t Cracked NYC Mayor Eric Adams’ Phone
Plus: Harvard students pack Meta’s smart glasses with privacy-invading face-recognition tech, Microsoft and the DOJ seize Russian hackers’ domains, and more. First seen on wired.com Jump to article: www.wired.com/story/fbi-eric-adams-phone-not-cracked/
-
Ryanair faces GDPR turbulence over customer ID checks
Irish data watchdog opens probe after ‘numerous complaints’ First seen on theregister.com Jump to article: www.theregister.com/2024/10/05/irish_dpc_ryanair_probe/
-
Escape vs Invicti
Tags: apiDiscover why Escape is a better API security solution. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/escape-vs-invicti/
-
UK’s Sellafield nuke waste processing plant fined £333K for infosec blunders
Radioactive hazards and cyber failings … what could possibly go wrong? First seen on theregister.com Jump to article: www.theregister.com/2024/10/05/sellafield_nuclear_site_fined/
-
Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs
Apple released iOS 18.0.1 update that addressed two vulnerabilities that exposed passwords and audio snippets to attackers. Apple released iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respectively tracked as CVE-2024-44207 and CVE-2024-44204. The company addressed the vulnerability by improving checks. The flaw was reported by Michael Jimenez and an anonymous researcher. The…
-
The best resources for CSAM: Resources to send your team this month
As Cyber Security Awareness Month (CSAM) kicks off, providing your team with accessible, engaging resources for CSAM is a great way to reinforce cybersecurity best practices. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/10/the-best-resources-for-csam-resources-to-send-your-team-this-month/
-
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology.The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security…
-
CeranaKeeper: A New China-Aligned Threat Targeting Thailand’s Government
ESET researchers have exposed a newly identified advanced persistent threat (APT) group, dubbed CeranaKeeper, targeting governmental institutions in Thailand since 2023. Originally, some of this activity was attributed to the... First seen on securityonline.info Jump to article: securityonline.info/ceranakeeper-a-new-china-aligned-threat-targeting-thailands-government/
-
Why is asset deduplication a hard problem?
“If you cannot count it, you cannot manage it.” Every CISO and CIO ever Asset deduplication is a crucial challenge in exposure management (and CAASM). In today’s complex IT environments, effective management of vulnerabilities and other findings relies on accurate asset inventories to understand and mitigate potential risks. Assets from different data sources must… Read…
-
Defeating Ransomware: Lessons from the Frontlines with Logically’s Roger Newton
At Seceon’s 2024 Innovation and Certification Days, one of the standout sessions was a conversation between Tom Ertel, our SVP of Technical Sales at Seceon, Roger Newton Jr., the brain behind the SOC at Logically. Roger shared some real-world insights into how Logically, one of Seceon’s largest partners, battles ransomware and other cyber threats using…
-
Global Coalition Strengthens Fight Against Ransomware, White House Announces
The White House recently hosted the fourth gathering of the International Counter Ransomware Initiative (CRI), a coalition now boasting 68 members dedicated to combating the growing threat of ransomware. This... First seen on securityonline.info Jump to article: securityonline.info/global-coalition-strengthens-fight-against-ransomware-white-house-announces/
-
Google Play Protect Takes Aim at Financial Fraud in India with New Pilot Program
Google is stepping up its fight against cybercrime in India with a new pilot program for Google Play Protect. This enhanced fraud protection feature aims to shield Android users from... First seen on securityonline.info Jump to article: securityonline.info/google-play-protect-takes-aim-at-financial-fraud-in-india-with-new-pilot-program/
-
Illumio, ColorTokens, Cisco Lead Microsegmentation Rankings
Illumio, Akamai Stay Atop Forrester Wave, While ColorTokens, Cisco Join Leaderboard. Illumio and Akamai remained atop Forrester’s microsegmentation rankings, while ColorTokens and Cisco climbed into the leader space.The microsegmentation market has expanded beyond traditional on-premises networks to address modern public cloud workloads. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/illumio-colortokens-cisco-lead-microsegmentation-rankings-a-26459
-
Setting Up Your Network Security? Avoid These 4 Mistakes
Learn how to execute the fundamentals, harden your defenses, and protect your business’s network security with no high-tech software. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/network-security/
-
Russia Arrests 100 in Cryptex Crypto Exchange Crackdown
US-Sanctioned Crypto Exchange Founder Sergey Ivanov Included in Sweeping Arrests. Russia’s primary federal investigative agency announced a rare and sweeping investigation into the United States-sanctioned cryptocurrency exchange Cryptex and other platforms used to carry out illegal transactions and launder millions from ransomware groups. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/russia-arrests-100-in-cryptex-crypto-exchange-crackdown-a-26460
-
Saying goodbye to the tech dreams Microsoft abandoned with Windows 11 24H2
Is that a Mixed Reality headset, or just a complicated paperweight? Oh and farewell WordPad First seen on theregister.com Jump to article: www.theregister.com/2024/10/03/whats_gone_from_windows_11/
-
Irish DPC Probes Ryanair Over Facial Recognition
Company Has Long Running Fight Against Fare Scrappers. The Irish data regulator launched an investigation into Dublin-based ultra low-cost carrier Ryanair to identify potential privacy violations related to the company’s use of third-party facial recognition technology, stepping into a running fight Ryainair has fought against online ticket sellers. First seen on govinfosecurity.com Jump to article:…