Category: AI in news
A Hacker’s Mind is Out in Paperback The paperback version of A Hacker’s Mind has just been published. It’s the same book, only a cheaper format. But—and this is the real reason I am posting this—Amazon has significantly discounted the hardcover to $15 to get rid of its stock. This is much cheaper than I…
Read MoreDays after Ivanti announced patches for a new vulnerability in its Connect Secure and Policy Secure products, proof-of-concept exploit code has already been published for the flaw and security companies are reporting exploitation attempts in the wild. This follows a difficult month for Ivanti customers who had to deploy emergency mitigations and patches for three…
Read More“Newer languages show up every few years and it definitely adds to the complexity,” Rajamani said. “For instance, Golang and Rust have become popular in the last two-three years. The tooling used for security reviews and finding application vulnerabilities isn’t always mature enough to support new languages and generally needs time to catch up.” Documentation is…
Read MoreFeb 13, 2024NewsroomCryptocurrency / Rootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. “This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that…
Read MoreMolly White Reviews Blockchain Book Molly White—of “Web3 is Going Just Great” fame—reviews Chris Dixon’s blockchain solutions book: Read Write Own: In fact, throughout the entire book, Dixon fails to identify a single blockchain project that has successfully provided a non-speculative service at any kind of scale. The closest he ever comes is when he…
Read MoreFeb 13, 2024The Hacker NewsSaaS Security / Data Breach The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors…
Read MoreWhile the application of AI has picked up in cybersecurity, large-scale adoption still suffers from a lack of expertise, budget, and trust, according to a MixMode report. The report, commissioned through the Ponemon Institute, surveyed 641 IT and security practitioners in the US to understand the state of AI in cybersecurity and found the adoption…
Read MoreThe runaway success of Kubernetes adoption by enterprise software developers has created motivation for attackers to target these installations with specifically designed exploits that leverage its popularity. Attackers have become better at hiding their malware, avoiding the almost trivial security controls, and using common techniques such as privilege escalation and lateral network movement to spread…
Read MoreFeb 13, 2024NewsroomVulnerability / Cyber Threat Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of…
Read MoreHistory often views the Preparedness Movement as an instance where prominent former politicians like Teddy Roosevelt attempted to persuade Woodrow Wilson’s administration – directly and via demonstrative efforts like the training of volunteers for a future military venture – that American involvement in war was a necessity. However, the movement was highly decentralized and was…
Read MoreRecent Posts
- Bob Sullivan Discovers a Scam That Strikes Twice
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA