-
BlackLotus bootkit can bypass Windows 11 Secure Boot: ESET
A Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus is found to be capable of bypassing an essential platform security feature, UEFI Secure Boot, according to researchers from Slovakia-based cybersecurity firm ESET. BlackLotus uses an old vulnerability and can run even on fully up-to-date Windows 11 systems with UEFI Secure Boot enabled, the researchers…
-
Top 10 open source software risks for 2023
Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. The other major open source software risks, according to the report, include unmaintained software, outdated software, untracked dependencies, license risk, immature software,…
-
Record Number of Mobile Phishing Attacks in 2022
Endpoint security provider Lookout released its Global State of Mobile Phishing Report, which shows an unprecedented rate of mobile phishing attacks
-
Fooling a Voice Authentication System with an AI-Generated Voice
A reporter used an AI synthesis of his own voice to fool the voice authentication system for Lloyd’s Bank.
-
Third party Cybersecurity risks in securing the supply chain
Some of the biggest prevailing challenges in the cybersecurity world over the last year have been those revolving around securing the software supply chain across the enterprise. The software that enterprises build for internal use and external consumption by their customers is increasingly made up of third-party components and code that can put…
-
Attacker Breakout Time Drops to Just 84 Minutes
Every second counts as threat actors accelerate lateral movement
-
Dish Network Confirms Ransomware Outage
Satellite TV provider comes clean in SEC filing
-
How security leaders can effectively manage Gen Z staff
In 2022, I started a podcast aimed at converting more Gen Z to seek careers in cybersecurity. In doing so, I had to educate myself on what they value and realized the many differences between Gen Z and previous generations. Gen Z refers to those born between mid-to-late 1990s and 2010, making them…
-
Researchers Release MortalKombat Ransomware Decryptor
Bitdefender moves in record time to help victims
-
Hacked home computer of engineer led to second LastPass data breach
Password management company LastPass, which was hit by two data breaches last year, has revealed that data exfiltrated during the first intrusion, discovered in August, was used to target the personal home computer of one of its devops engineers and launch a second successful cyberattack, detected in November. The threat actor infected the…