-
New Multi-Stage Malware Targets Windows Users in Ukraine
Discovered by FortiGuard Labs, the attack leverages an Excel file embedded with a VBA macro Read More
-
#Infosec24: Enterprise Browser Touted as Solution to GenAI Privacy Risks
Island Technologies discusses the security and user experience benefits of the enterprise browser Read More
-
#Infosec24: Deepfake Expert Warns of “AI Tax Havens”
Keynote speaker Henry Ajder warns that regulatory measures may be undermined if some countries ignore global rules Read More
-
Breaking a Password Manager
Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pseudo-random number generator used to generate passwords in that versionand subsequent…
-
Penetration Testing of A.I. Models
Penetration testing is a cornerstone of any mature security program and is a mature and well understood practice supported by robust methodologies, tools, and frameworks. The tactical goals of these engagements typically revolve around identification and exploitation of vulnerabilities in technology, processes, and people to gain initial, elevated, and administrative access to the target environment.…
-
#Infosec2024: UK Businesses Faced with Month-Long Recoveries from Supply Chain Attacks
A new BlackBerry survey reveals frequent software supply chain attacks in the UK, highlighting the need for improved security measures and robust guidance for software vendors Read More
-
#Infosec2024: Conflicts Drive DDoS Attack Surge in EMEA
Akamai research found DDoS attacks in EMEA surpassed North America in Q1 2024, with ongoing conflicts helping driving a surge of incidents in the region Read More
-
CIS Controls Community Volunteer Spotlight: Kevin Klingbile
Volunteers from around the world contribute their expertise to developing the CIS Controls. Here’s how Kevin Klingbile contributes as a Controls editor. Read More
-
CIS Benchmarks June 2024 Update
Here is an overview of the CIS Benchmarks that the Center for Internet Security updated or released for June 2024. Read More
-
Ransomware Rises Amid Law Enforcement Takedowns
Ransomware activity rose in 2023, partly fueled by new groups and partnerships between groups, Mandiant has observed Read More