Category: AI in news
Upcoming Speaking Engagements This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is on the 24th. The list is maintained on this page. Tags: Schneier news Posted on August…
Read More
‘What’s important about the channel is it’s a community. …This is where you have an opportunity to learn from your peers. All that knowledge is just sitting right here that can help you with some challenge you’re having,’ says Corey Kirkendoll, president and CEO of 5K Technical Services. When it’s time for an MSP to…
Read More
A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to…
Read More
Two critical vulnerabilities Of the two critical vulnerabilities addressed in the patch day, the more severe is an authentication bypass flaw (CVE-2024-41730) with a CVSS score of 9.8/10 affecting SAP’s BusinessObjects business intelligence platform, while the other is a server-side request forgery (SSRF) vulnerability in applications built with SAP Build Apps. CVE-2024-41730, as described by…
Read More
Scammers are once again using deepfake technology to dupe unwary internet Facebook and Instagram users into making unwise cryptocurrency investments. AI-generated videos promoting fraudulent cryptocurrency trading platform Immediate Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to reach an estimated 890,000 people via Meta’s social…
Read More
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available Background On August 13, Ivanti released a security advisory to address a critical severity authentication bypass vulnerability in its Virtual Traffic Manager (vTM) product, a software-based application delivery controller (ADC). CVE Description CVSSv3 CVE-2024-7593 Ivanti…
Read More
Simultaneously, organizations must adopt a more discerning approach to cybersecurity investment, recognizing that true security is not a commodity that can be purchased off the shelf. Leaders should prioritize allocating resources toward building robust internal capabilities, including skilled security teams, comprehensive security policies, and the implementation of continuous monitoring and improvement practices. By doing so,…
Read More
Aug 14, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is…
Read More
The proximity to Black Hat and DEF CON may have played a part in that, however, as some of the publicly disclosed vulnerabilities came from talks given by security researchers last week at the two conferences. Those vulnerabilities might have been reported responsibly to Microsoft in advance, but weren’t considered severe enough to warrant out-of-band…
Read More
NIST says that this algorithm is intended to serve as a backup in case ML-DSA proves vulnerable. More than algorithms In addition to the mathematical encryption algorithms, NIST also released the relevant implementation details. “These finalized standards include instructions for incorporating them into products and encryption systems,” says Moody. “We encourage system administrators to start…
Read More