Thousands of enterprise servers are running vulnerable BMCs, researchers find
Having the ability to remotely manage and monitor servers even when their main operating system becomes unresponsive is vital to enterprise IT administrators. All server...
Using EM Waves to Detect Malware
I don’t even know what I think about this. Researchers have developed a malware detection system that uses EM waves: “Obfuscation Revealed: Leveraging Electromagnetic Signals...
CIS Controls v8 Introductory Course Available on Salesforce’s Trailhead
Version 8 of the CIS Critical Security Controls (CIS Controls) helps organizations keep up with modern systems and software, and can ultimately help improve your...
Using Foreign Nationals to Bypass US Surveillance Restrictions
Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on...
Hackers are posting out malicious USB drives to businesses
A notorious cybercrime gang, involved in a series of high profile ransomware attacks, has in recent months been sending out poisoned USB devices to US...
4 ways cybercriminals hide credential stuffing attacks
Credential stuffing is a cyberattack in which exposed usernames and passwords are used to gain fraudulent access to user accounts through large-scale, automated login requests....
FBI arrests social engineer who allegedly stole unpublished manuscripts from authors
On January 5, 2022, the Department of Justice (DoJ) announced the FBI’s arrest of Italian citizen Filippo Bernardini at JFK International Airport in New York...
Smashing Security podcast #257: Pokemon-hunting cops and the Spine Collector scammer
Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity...
[R1] Stand-alone Security Patch Available for Tenable.sc versions 5.16.0 to 5.19.1: Patch 202201.1
Tenable.sc leverages third-party software to help provide underlying functionality. One of the third-party components (Apache) was found to contain vulnerabilities, and updated versions have been...
Hackers raided Panasonic server for months, stealing personal data of job seekers
Technology giant Panasonic has confirmed that one of its servers suffered a data breach which saw the personal information of job applicants accessed by an...