-
Cloud Complexity Means Bugs Are Missed in Testing
PRIVACY PRIVACY Most CISOs think vulnerability management is getting harder Read More
-
American Bar Association Breach Hits 1.5 Million Members
PRIVACY PRIVACY Website usernames and passwords stolen in March raid Read More
-
North Dakota turns to AI to boost effectiveness and efficiency of its cybersecurity
PRIVACY PRIVACY The recent proliferation of tools that employ artificial intelligence (AI) or machine learning (ML) to perform human-like tasks has sparked a great deal of interest in the cybersecurity community. And they’ve prompted some very hard questions about the future, not the least of which is whether ChatGPT, BardAI, Bing AI, and the dozens…
-
3CX Hackers Also Compromised Critical Infrastructure Firms
PRIVACY PRIVACY Symantec warns North Korean actors may return for further exploitation Read More
-
Friday Squid Blogging: More on Squid Fishing
PRIVACY PRIVACY The squid you eat most likely comes from unregulated waters. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
Cisco patches high and critical flaws across several products
PRIVACY PRIVACY Cisco fixed serious vulnerabilities across several of its products this week, including in its Industrial Network Director, Modeling Labs, ASR 5000 Series Routers, and BroadWorks Network Server. The flaws can lead to administrative command injection, authentication bypass, remote privilege escalation and denial of service. The Cisco Industrial Network Director (IND), a network monitoring…
-
Iran cyberespionage group taps SimpleHelp for persistence on victim devices
PRIVACY PRIVACY Iranian APT hacking group MuddyWater has been observed using SimpleHelp, a legitimate remote device control and management tool, to ensure persistence on victim devices. SimpleHelp itself, as used by the threat actors, has not been compromised — instead, the group has found a way to download the tool from the official website and…
-
Hacking Pickleball
PRIVACY PRIVACY My latest book, A Hacker’s Mind, has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly break the rules. Here’s an example from pickleball, which nicely explains the dilemma between hacking as a subversion and hacking as innovation: Some might consider these…
-
CFPB Employee Sends 256,000 Consumers’ Data to Personal Email
PRIVACY PRIVACY Congressman Bill Huizenga addressed the claims in a letter to CFPB director, Rohit Chopra Read More
-
Evil Extractor Targets Windows Devices to Steal Sensitive Data
PRIVACY PRIVACY New malware operates through several modules that rely on a File Transfer Protocol service Read More