-
Will your incident response team fight or freeze when a cyberattack hits?
PRIVACY PRIVACY If there’s an intrusion or a ransomware attack on your company, will your security team come out swinging, ready for a real fight? CISOs may feel their staff is always primed with the technical expertise and training they need, but there’s still a chance they might freeze up when the pressure is on,…
-
Scam Alert for Dingo Token That Charges 99% Fee
PRIVACY PRIVACY Crypto has a market cap of close to $11m Read More
-
Finland’s Most-Wanted Hacker Nabbed in France
PRIVACY PRIVACY Julius “Zeekill” Kivimäki, a 25-year-old Finnish man charged with extorting a local online psychotherapy practice and leaking therapy notes for more than 22,000 patients online, was arrested this week in France. A notorious hacker convicted of perpetrating tens of thousands of cybercrimes, Kivimäki had been in hiding since October 2022, when he failed…
-
Friday Squid Blogging: Studying the Colossal Squid
PRIVACY PRIVACY A survey of giant squid science. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Read More
-
Critical vulnerability patched in Jira Service Management Server and Data Center
PRIVACY PRIVACY A critical vulnerability was fixed this week in Jira Service Management Server, a popular IT services management platform for enterprises, that could allow attackers to impersonate users and gain access to access tokens. If the system is configured to allow public sign-up, external customers can be affected as well. The bug was introduced…
-
A Hacker’s Mind News
PRIVACY PRIVACY A Hacker’s Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. It’s been chosen as a “February 2023 Must-Read Book” by the Next Big Idea Club. And an “Editor’s Pick”—whatever that means—on Amazon. There have been three reviews so far. I am hoping…
-
MalVirt Loaders Exploit .NET Virtualization to Deliver Malvertising Attacks
PRIVACY PRIVACY The new loaders also leverage obfuscated virtualization techniques to avoid detection Read More
-
Atlassian Patches Critical Authentication Flaw in Jira Software
PRIVACY PRIVACY The Jira versions affected by the vulnerability are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0 Read More
-
New Credential-Stealing Campaign By APT34 Targets Middle East Firms
PRIVACY PRIVACY The malware had additional exfiltration techniques compared to previously studied variants Read More
-
Manipulating Weights in Face-Recognition AI Systems
PRIVACY PRIVACY Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons“: Abstract: In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights…