Trending Now
LATEST
SN 883: The Maker's Schedule – VirusTotal, Daniel Bernstein sues the NSA, Win 11 might damage encrypted data
Picture of the Week.
Crypto is Hard.
VirusTotal: Deception at a scale.
Windows 11 might damage encrypted data.
Microsoft Defender External Attack Surface Management.
Closing The Loop.
Daniel Bernstein sues the NSA.
The Maker's Schedule.
We invite you...
ISC StormCast for Wednesday, August 10th, 2022
Microsoft August 2022 Patch Tuesday https://isc.sans.edu/diary/Microsoft+August+2022+Patch+Tuesday/28924 AEPIC Leak https://aepicleak.com Adobe
Phishers who breached Twilio and fooled Cloudflare could easily get you, too
Enlarge (credit: Getty Images)
At least two security-sensitive companies—Twilio and Cloudflare—were targeted in a phishing attack by an advanced threat actor who had possession of home phone numbers of not...
SWN #230 – TA428, Microsoft, Lazarus, GwisinLocker, Burger King, & Gaming Fraud
This week Dr. Doug talks: Body Blows, TA428, Microsoft, Lazarus, GwisinLocker, Burger King, Fraud in China, Nomad and Solana, and is joined by Jason Wood on the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow...
BSW #272 – Saša Zdjelar
In the leadership and communications section, The Number 1 Growth Killer is Leadership Debt, How to Talk to Your Board & C-Suite About Cybersecurity, 5 ways to unite security and compliance, and more! Zero Trust is the security...
Microsoft Patch Tuesday, August 2022 Edition
Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows....
ASW #207 – Chen Gour Arie
In today's high-tech industries, security is struggling to keep up with rapidly changing production systems and the chaos that agile development introduces into workflows. Application security (AppSec) teams are fighting an uphill battle to gain visibility and control over...
Patch Tuesday: Yet another Microsoft RCE bug under active exploit
Oh, and that critical VMware auth bypass vuln? Miscreants found it, too August Patch Tuesday clicks off the week of hacker summer camp in Las Vegas this year, so it's basically a code cracker's holiday too. …
Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day
Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows.
Microsoft Patch Tuesday security updates for August 2022 addressed 118 CVEs in multiple products, including .NET Core, Active Directory Domain Services, Azure...
Software Development Pipelines Offer Cybercriminals 'Free-Range' Access to Cloud, On-Prem
A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE.
How to reset your Windows 10 password when you forget it
Learn how to reset your Windows 10 password whether you use a Microsoft Account or a local account.
The post How to reset your Windows 10 password when you forget it appeared first on TechRepublic.
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
Halo Security Emerges From Stealth With Full Attack Surface Management Platform
The latest startup to enter the attack surface management space also has a free scanning service to audit the contents of any website.
Exploit Code Published for Critical VMware Security Flaw
The race to mitigate a gaping authentication bypass vulnerability in VMware Workspace ONE Access, Identity Manager and vRealize Automation products just got a lot more urgent.
read more
Cyberespionage against belligerents' industry. Tornado Cash sanctions. Data breaches at Twilio and Klayvio. Intercept tools and policies in Canada.
Tracking apparent Chinese industrial cyberespionage. Tornado Cash sanctions. Twilio discloses a breach. Social engineering exposes data at Klaviyo. Microsoft’s Ann Johnson previews the latest season of Afternoon Cyber Tea. Joe Carrigan...
BrandPost: Is MFA the Vegetable of Cybersecurity?
Like it or not, vegetables are good for us. Chowing down on some broccoli or kale can help us build strong bones, reduce our risk of chronic diseases, and deliver the vitamins our bodies need. And yet, the CDC...
Already Exploited Zero-Day Headlines Microsoft Patch Tuesday
Microsoft on Tuesday released a critical-severity bulletin to warn of a newly discovered zero-day attack exploiting a remote code execution vulnerability in its flagship Windows operating system.
read more
10 malicious Python packages exposed in latest repository attack
Enlarge / Supply-chain attacks, like the latest PyPi discovery, insert malicious code into seemingly functional software packages used by developers. They're becoming increasingly common. (credit: Getty Images)
Researchers have discovered...
ÆPIC Leak: Architectural Bug in Intel CPUs Exposes Protected Data
A group of researchers from several universities and companies has disclosed a new Intel CPU attack method that could allow an attacker to obtain potentially sensitive information.
read more
Security Update Guide Notification System News: Create your profile now
Sharing information through the Security Update Guide (SUG) is an important part of our ongoing effort to help customers manage security risks and keep systems protected. In January 2022 we introduced Phase One of a new way for customers...
LEADERS
Microsoft Patch Tuesday, August 2022 Edition
Microsoft today released updates to fix a record 141 security vulnerabilities in its Windows operating systems and related software. Once again, Microsoft is patching a zero-day vulnerability in the Microsoft Support Diagnostics Tool (MSDT), a service built into Windows....
NIST’s Post-Quantum Cryptography Standards
Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such...
Weekly Update 307
Presently sponsored by: Cloudflare. Speed up and protect your apps, APIs and websites with the world's fastest DNS. Add CDN, SSL, WAF, bot management and much more.A very early weekly update this time after an especially hectic week. The...
Class Action Targets Experian Over Account Security
A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in...
Friday Squid Blogging: New Squid Species
Seems like they are being discovered all the time:
In the past, the DEEPEND crew has discovered three new species of Bathyteuthids, a type of squid that lives in depths between 700 and 2,000 meters. The findings were validated and...
