security
Google Claims World First As AI Finds 0-Day Security Vulnerability
https://www.forbes.com/sites/daveywinder/2024/11/04/google-claims-world-first-as-ai-finds-0-day-security-vulnerability/
Google’s Project Zero hackers and DeepMind boffins have collaborated to uncover a zero-day security vulnerability in real-world code for the first time using AI.
Added 1 month ago
Why Wiz really turned down Google’s $23B offer | TechCrunch
https://techcrunch.com/2024/11/02/why-wiz-really-turned-down-googles-23b-offer/
Welcome back to Week in Review. This week, we're coming at you right off the heels of TechCrunch Disrupt! If you missed it, we’re highlighting
Added 1 month ago
OpenSSF Adds Minder as a Sandbox Project to Simplify the Integration and Use of Open Source Security
https://openssf.org/blog/2024/10/28/openssf-adds-minder-as-a-sandbox-project-to-simplify-the-integration-and-use-of-open-source-security-tools/
Added 1 month ago
dns recon & research -find & lookup dns records
https://dnsdumpster.com/
Free domain research tool to discover hosts related to a domain. Find visible hosts from the attacker's perspective for Red and Blue Teams.
Added 1 month ago
'Shift Left' Triggers Security Soul Searching
https://www.darkreading.com/application-security/shift-left-pushback-triggers-security-soul-searching
Added 1 month ago
Internet Archive hacked data breach impacts 31 million users
https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records.
Added 1 month ago
The Australian government has introduced new cyber security laws. Here’s what you need to know
https://theconversation.com/the-australian-government-has-introduced-new-cyber-security-laws-heres-what-you-need-to-know-240889
The long-awaited law, if passed, will be Australia’s first standalone cyber security act.
Added 1 month ago
Palo Alto Networks warns of firewall hijack bugs with public exploit
https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-firewall-hijack-bugs-with-public-exploit/
Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls.
Added 1 month ago
How open source SIEM and XDR tackle evolving threats
https://www.bleepingcomputer.com/news/security/how-open-source-siem-and-xdr-tackle-evolving-threats/
Evolving threats require security solutions that match the sophistication of modern threats. Learn more about how Wazuh, the open-source XDR and SIEM, tackles these threats.
NIST Drops Password Complexity Mandatory Reset Rules
https://www.darkreading.com/identity-access-management-security/nist-drops-password-complexity-mandatory-reset-rules
Added 1 month ago
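The rules the article says NIST dropped (composition requirements and scheduled resets) versus what replaces them (length plus a breached-password blocklist, rotation only on evidence of compromise) are easiest to see side by side in code. The following is an added example, not code from the linked article or from NIST; the `Policy` class, the tiny `BLOCKLIST` set and the "3 of 4 character classes" rule are assumptions standing in for a real deployment's policy object and breached-password corpus.

```python
"""Password acceptance rules, legacy style versus the direction the NIST change describes.
Added example: not from the linked article or from NIST."""
import string
import unicodedata
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for a breached-password corpus. Assumption: a real deployment
# would consult a large list or a k-anonymity range lookup instead of this small set.
BLOCKLIST = {"password", "123456", "qwerty", "letmein", "welcome1", "p@ssw0rd"}


@dataclass(frozen=True)
class Policy:
    min_length: int = 8
    max_length: int = 64
    require_complexity: bool = False      # legacy composition rule (3 of 4 character classes)
    max_age_days: Optional[int] = None    # legacy forced periodic reset; None = no schedule
    check_blocklist: bool = True          # screen against known compromised / common passwords


# The rules being dropped: composition requirement, 90-day reset, no breach screening.
LEGACY_POLICY = Policy(require_complexity=True, max_age_days=90, check_blocklist=False)
# The replacement: length bounds plus blocklist, no composition rule, no calendar reset.
NIST_POLICY = Policy()


def _character_classes(pw: str) -> int:
    """Count how many of the four classic classes (upper/lower/digit/symbol) appear."""
    classes = (
        any(c.isupper() for c in pw),
        any(c.islower() for c in pw),
        any(c.isdigit() for c in pw),
        any(c in string.punctuation for c in pw),
    )
    return sum(classes)


def check_password(pw: str, policy: Policy, blocklist=BLOCKLIST) -> list[str]:
    """Return the reasons the password is rejected; an empty list means it is accepted."""
    failures = []
    # Normalise so visually identical Unicode input is measured and compared consistently.
    pw = unicodedata.normalize("NFKC", pw)
    if len(pw) < policy.min_length:
        failures.append(f"too short (min {policy.min_length})")
    if len(pw) > policy.max_length:
        failures.append(f"too long (max {policy.max_length})")
    if policy.require_complexity and _character_classes(pw) < 3:
        failures.append("complexity: needs 3 of upper/lower/digit/symbol")
    # Case-insensitive blocklist match: the check that replaces composition rules.
    if policy.check_blocklist and pw.casefold() in blocklist:
        failures.append("blocklisted: known compromised or commonly used")
    return failures


def needs_reset(age_days: int, compromised: bool, policy: Policy) -> bool:
    """Legacy: age alone forces a reset. New policy: only evidence of compromise does."""
    if compromised:
        return True
    return policy.max_age_days is not None and age_days >= policy.max_age_days


if __name__ == "__main__":
    for pw in ("correct horse battery staple", "P@ssw0rd", "short"):
        print(repr(pw),
              "legacy:", check_password(pw, LEGACY_POLICY) or "ok",
              "new:", check_password(pw, NIST_POLICY) or "ok")
```

Running it shows the inversion the article is about: the legacy policy rejects a long lowercase passphrase for lacking "complexity" while accepting `P@ssw0rd`, which satisfies every character-class rule but sits in every breach list; the length-plus-blocklist policy does the opposite.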
Critical doomsday Linux bug is CUPS-based vulnerability • The Register
https://www.theregister.com/2024/09/26/unauthenticated_rce_bug_linux/
No patches yet, can be mitigated, requires user interaction
Added 1 month ago
Critical Unauthenticated RCE Flaw Impacts all GNU/Linux systems
https://cybersecuritynews.com/critical-unauthenticated-rce-flaw/
Critical unauthenticated RCE flaw; no CVE identifiers have been assigned yet, although experts suggest there should be at least three to six.
Added 1 month ago
OWASP Threat Dragon
https://owasp.org/www-project-threat-dragon/
OWASP Threat Dragon is a threat modeling tool; great for both developers and defenders alike. Use on your desktop or as a web application.
Added 1 month ago
Threagile — Agile Threat Modeling Toolkit
https://threagile.io/
Threagile enables teams to execute Agile Threat Modeling as seamlessly as possible, even highly integrated into DevSecOps environments.
Added 1 month ago
This Windows PowerShell Phish Has Scary Potential
https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/
Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that…
Added 1 month ago
https://www.reuters.com/world/middle-east/dozens-hezbollah-members-wounded-lebanon-when-pagers-exploded-sources-witnesses-2024-09-17/
Added 1 month ago
Platform Engineering Is Security Engineering
https://www.darkreading.com/application-security/platform-engineering-is-security-engineering
Added 1 month ago
Addon: Trivy - General Discussions / microk8s - Discuss Kubernetes
https://discuss.kubernetes.io/t/addon-trivy/23797
Source: See Trivy website for details.
Trivy is an all-in-one open source security scanner that can help you identify vulnerabilities and IaC misconfigurations, discover SBOMs, perform cloud scanni…
Added 1 month ago
We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
https://labs.watchtowr.com/we-spent-20-to-achieve-rce-and-accidentally-became-the-admins-of-mobi/
Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries.
Summary
What started out as a bit of fun between colleagues while avoiding the Vegas heat and $20 bottles of water in our Black Hat hotel rooms - has now seemingly become a
Added 1 month ago
https://www.helpnetsecurity.com/2024/09/10/open-source-cybersec-tools/
Here, you'll find a list of free, open-source cybersec tools that are ready to be added to your organization's arsenal.
Added 1 month ago
pushsecurity/saas-attacks
https://github.com/pushsecurity/saas-attacks?tab=readme-ov-file
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown - pushsecurity/saas-attacks
Added 1 month ago
Exploiting CI / CD Pipelines for fun and profit – Razz Security Blog
https://blog.razzsecurity.com/2024/09/08/exploitation-research/exploiting-ci-cd-pipelines-for-fun-and-profit/
Added 1 month ago
EUCLEAK - NinjaLab
https://ninjalab.io/eucleak/
Abstract: Secure elements are small microcontrollers whose main purpose is to generate/store secrets and then execute cryptographic operations. They undergo the highest level of security evaluations that exists (Common Criteria) and are often considered inviolable, even in the worst-case attack scenarios. Hence, complex secure […]
Added 1 month ago