Tag: switch
-
CISA publishes a post-quantum shopping list for agencies. Security professionals aren’t sold
A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-post-quantum-cryptography-procurement-guide-expert-criticism/
-
Risky Chinese Electric Buses Spark Aussie Gov’t Review
Deployed across Australia and Europe, China’s electric buses are vulnerable to cybercriminals and sport a virtual kill switch the Chinese state could activate. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/chinese-electric-buses-aussie-govt
-
This Intune update isn’t optional, it’s a kill switch for outdated apps
Tags: access, android, authentication, business, control, corporate, cybersecurity, data, infrastructure, malware, microsoft, mitigation, password, phone, risk, service, switch, threat, tool, updateiOS line-of-business (LOB) and custom iOS apps using the Intune App SDK must update to SDK version 20.8.0 or later for apps compiled with Xcode 16, and to 21.1.0 or later for apps compiled with Xcode 26.Apps using the wrapper must update to the new version of the Intune App Wrapping Tool for iOS: version…
-
AWS flips switch on Euro cloud as customers fret about digital sovereignty
EU-only ops, German subsidiaries, and a pinky promise your data won’t end up in Uncle Sam’s hands First seen on theregister.com Jump to article: www.theregister.com/2026/01/15/aws_european_sovereign_cloud/
-
1980s Hacker Manifesto
Forty years ago, The Mentor”, Loyd Blankenship”, published “The Conscience of a Hacker” in Phrack. You bet your ass we’re all alike”¦ we’ve been spoon-fed baby food at school when we hungered for steak”¦ the bits of meat that you did let slip through were pre-chewed and tasteless. We’ve been dominated by sadists, or ignored…
-
Cisco switches hit by reboot loops due to DNS client bug
Multiple Cisco switch models are suddenly experiencing reboot loops after logging fatal DNS client errors, according to reports seen by BleepingComputer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-switches-hit-by-reboot-loops-due-to-dns-client-bug/
-
Tipps für CISOs, die die Branche wechseln wollen
Tipps für CISOs mit “Vertical-Switch-Ambitionen”.In der Außenperspektive sollte es für Menschen, die es zum Chief Information Security Officer gebracht haben, eigentlich kein Problem sein, die Branche zu wechseln. In der Realität stellen viele Sicherheitsentscheider allerdings regelmäßig fest, dass das Gegenteil der Fall ist: Wenn man einmal in einer bestimmten Branche tätig ist, gestaltet es sich…
-
Agentic AI already hinting at cybersecurity’s pending identity crisis
Agentic AI’s identity crisis: Authentication and agentic experts interviewed, three of whom estimate that less than 5% of enterprises experimenting with autonomous agents have deployed agentic identity systems, say the reasons for this lack of security hardening are varied.First, many of these efforts are effectively shadow IT, where a line of business (LOB) executive has…
-
Waterfox browser goes AI-free, targets the Firefox faithful
Even if Mozilla is going to add an AI kill switch, that may not be enough to reassure many. First seen on theregister.com Jump to article: www.theregister.com/2025/12/18/firefox_no_ai_alternative_waterfox/
-
Der Raspberry-Pi-Weckruf für CISOs
Tags: access, authentication, ceo, ciso, control, cyberattack, dns, firewall, group, hacker, Hardware, infrastructure, linux, monitoring, office, risk, switch, tool, voip, vpnKleines Device, große Wirkung.Mitte Dezember wurde eine Fähre in Besitz der Mediterranean Shipping Company über Stunden in einem französischen Hafen festgesetzt, wie Bloomberg berichtete. Der Grund: Es bestand der Verdacht, dass russische Cyberkriminelle versucht haben, das Netzwerk des Schiffs zu hacken mit einem Raspberry Pi. Dieser war demnach mit einem Mobilfunkmodem gekoppelt, das den Fernzugriff…
-
“Dead Man’s Switch” Triggers Massive npm Supply Chain Malware Attack
GitLab’s security team has discovered a severe, ongoing attack spreading dangerous malware through npm, the world’s most extensive code library. The malware uses an alarming >>dead man’s switch,
-
Teamgroup P35S: USB-Stick zerstört sich mit Kill-Switch selbst
Tags: switchDrücken User den roten Knopf auf dem Teamgroup P35S, werden Daten darauf unbrauchbar gemacht. Auch der USB-Stick selbst ist dann zerstört. First seen on golem.de Jump to article: www.golem.de/news/temgroup-p35s-usb-stick-zerstoert-sich-mit-kill-switch-selbst-2511-202522.html
-
The CISO’s greatest risk? Department leaders quitting
What CISOs can and should be doing: The situation isn’t hopeless; there are steps CISOs can and should take to help avoid defections. It’s a matter of making staff a priority. PayNearMe’s Hobson says CISOs need to ask themselves whether functional security leaders are wearing too many hats with too few opportunities to advance, and…
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
Cybersecurity Snapshot: Global Agencies Target Criminal “Bulletproof” Hosts, as CSA Unveils Agentic AI Risk Framework
Tags: access, advisory, ai, android, apple, attack, banking, breach, browser, chrome, cisa, ciso, cloud, compliance, control, credentials, credit-card, crypto, cve, cyber, cybercrime, cybersecurity, data, defense, detection, endpoint, extortion, finance, firewall, firmware, flaw, framework, google, governance, government, group, guide, Hardware, ibm, identity, infection, infrastructure, international, Internet, law, linux, malicious, malware, microsoft, mobile, monitoring, network, open-source, oracle, password, phishing, radius, ransomware, rat, resilience, risk, risk-assessment, risk-management, russia, scam, service, software, switch, technology, threat, tool, update, vulnerability, windowsCyber agencies call on ISPs to help combat “bulletproof” internet hosts that shield cybercriminals. Meanwhile, the CSA introduced a new methodology to assess the risks of autonomous AI. Plus, get the latest on the CIS Benchmarks, drone-detection systems, and malware infections. Key takeaways Crackdown on “bulletproof” hosting: International cyber agencies are urging ISPs and network…
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
How to turn threat intel into real security wins
Tags: access, api, attack, automation, awareness, business, ciso, cloud, communications, control, credentials, csf, data, data-breach, detection, dns, edr, email, endpoint, exploit, finance, framework, governance, guide, identity, intelligence, lessons-learned, mail, malware, mitre, nist, phishing, ransomware, resilience, risk, saas, siem, soar, soc, switch, tactics, theft, threat, tool, update, vulnerabilityThe CISO mandate: Risk, efficiency, investment, response: Reduce operational risk and financial loss Intelligence-led detection and response aim to prevent or minimise data loss and business disruption. The downstream effects, smaller blast radii, fewer regulatory headaches and lower recovery bills, are what boards recognise. Maximise staff efficiency Manual validation and correlation drive alert fatigue. Automating…
-
Behind the firewall: The hidden struggles of cyber professionals with a disability
Daisy Wong Daisy WongWhen Daisy Wong, head of security awareness at Medibank, first entered cybersecurity, she didn’t expect to become an advocate for inclusion, she just wanted to prove that being in a wheelchair was no barrier to what she could achieve. “I never wanted to be in cybersecurity. I did marketing at uni,” she…
-
Breach Roundup: UK Probes Chinese-Made Electric Buses
Also, North Korean Hackers Remotely Wipe Android Devices. This week, the U.K. government probed Chinese electric buses for a kill switch, APT37 abused Google’s Find Hub in South Korea, Conduent said its January hack will cost it more, Hyundai disclosed a breach and Patch Tuesday. OWASP added two new categories to its Top 10 web…
-
Fernzugriff aus China: Briten untersuchen ihre Elektrobusse auf Kill-Switch
Eine Untersuchung aus Norwegen ruft weitere Behörden auf den Plan. Der chinesische Hersteller Yutong soll aus der Ferne seine E-Busse lahmlegen können. First seen on golem.de Jump to article: www.golem.de/news/fernzugriff-aus-china-briten-untersuchen-ihre-elektrobusse-auf-kill-switch-2511-202048.html
-
Fernzugriff aus China: Briten untersuchen ihre Elektrobusse auf Kill-Switch
Eine Untersuchung aus Norwegen ruft weitere Behörden auf den Plan. Der chinesische Hersteller Yutong soll aus der Ferne seine E-Busse lahmlegen können. First seen on golem.de Jump to article: www.golem.de/news/fernzugriff-aus-china-briten-untersuchen-ihre-elektrobusse-auf-kill-switch-2511-202048.html
-
Oct Recap: New AWS Privileged Permissions and Services
As October 2025 closes, Sonrai’s latest analysis of new AWS permissions reveals a continued trend: incremental privilege changes with outsized impact. This month’s additions span OpenSearch Ingestion, Aurora DSQL, QuickSight, Parallel Computing Service, ARC Region Switch, and RTB Fabric, touching critical areas of data analytics, compute orchestration, and real-time traffic systems. These updates introduce capabilities……
-
Oct Recap: New AWS Privileged Permissions and Services
As October 2025 closes, Sonrai’s latest analysis of new AWS permissions reveals a continued trend: incremental privilege changes with outsized impact. This month’s additions span OpenSearch Ingestion, Aurora DSQL, QuickSight, Parallel Computing Service, ARC Region Switch, and RTB Fabric, touching critical areas of data analytics, compute orchestration, and real-time traffic systems. These updates introduce capabilities……
-
Oct Recap: New AWS Privileged Permissions and Services
As October 2025 closes, Sonrai’s latest analysis of new AWS permissions reveals a continued trend: incremental privilege changes with outsized impact. This month’s additions span OpenSearch Ingestion, Aurora DSQL, QuickSight, Parallel Computing Service, ARC Region Switch, and RTB Fabric, touching critical areas of data analytics, compute orchestration, and real-time traffic systems. These updates introduce capabilities……
-
Microsoft Security Change for Azure VMs Creates Pitfalls
Firms using Azure infrastructure gained a reprieve from a security-focused switch that could have broken apps that relied on public Internet access. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/microsoft-security-change-azure-vms-creates-pitfalls
-
X warns users to re-enroll passkeys and YubiKeys for 2FA by Nov 10
X urges users with passkeys or YubiKeys to re-enroll 2FA by Nov 10, 2025, or risk account lockout. Re-enroll, switch 2FA, or disable it. Social media platform X is urging users who use passkeys or hardware security keys like YubiKeys for two-factor authentication (2FA) to re-enroll their keys by November 10, 2025, to keep account…