-
Friday Squid Blogging: The Reproductive Habits of Giant Squid
PRIVACY PRIVACY Interesting: A recent study on giant squid that have washed ashore along the Sea of Japan coast has raised the possibility that the animal has a different reproductive method than many other types of squid. Almost all squid and octopus species are polygamous, with multiple males passing sperm to a single female. Giant…
-
New Phishing Campaign Targets Saudi Government Service Portal
PRIVACY PRIVACY The campaigns are set up to provide fake services to the citizens and steal their credentials Read More
-
Google Unveils Open Source Project to Improve Software Supply Chain Security
PRIVACY PRIVACY GUAC aims to bring together many different sources of software security metadata Read More
-
Thousands of Publicly Exposed API Tokens Could Threaten Software Integrity
PRIVACY PRIVACY JFrog scanned over eight million artifacts in the most common open-source software registries Read More
-
NCSC CEO Calls for International Standards on IoT Security
PRIVACY PRIVACY Lindy Cameron argues that smart cities are becoming an attractive target for threat actors, including nation states Read More
-
Adversarial ML Attack that Secretly Gives a Language Model a Point of View
PRIVACY PRIVACY Machine learning security is extraordinarily difficult because the attacks are so varied—and it seems that each new one is weirder than the next. Here’s the latest: a training-time attack that forces the model to exhibit a point of view: Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures.” Abstract: We investigate a new threat…
-
Lesson Learned: How SolarWinds Strengthened its Security Post-Incident
PRIVACY PRIVACY Tim Brown, CISO and VP of security at SolarWinds shared his experiences remediating a major cyber-attack during Mandiant’s mWISE event on October 18, 2022 Read More
-
Do the recent DDoS attacks signal future web application risks?
PRIVACY PRIVACY Multiple reports in the media, including in Bloomberg US Edition, allege that Russian-associated cybercrime group Killnet is responsible for a series of distributed-denial-of-service (DDoS) attacks during the week of October 6 that took several state government and other websites offline. While most of the websites were restored within 48 hours, these volumetric attacks…
-
It’s time to prioritize SaaS security
PRIVACY PRIVACY Did our focus on IaaS security come at the expense of SaaS security? Know what to guard against, especially excessive user permissions and misconfigured UIs, APIs, and integrations. Read More
-
IoT security strategy from those who use connected devices
PRIVACY PRIVACY IoT devices pose significant threats to enterprises because of lack of visibility into what devices are on enterprise networks and inadequate use of monitoring tools to watch for malicious behaviors. Read More