News
-
"SEI and OpenAI Recommend Ways To Evaluate Large Language Models for Cybersecurity Applications"Carnegie Mellon University's (CMU) Software Engineering Institute (SEI) and OpenAI published a white paper titled "Considerations for Evaluating Large Language Models for Cybersecurity Tasks." The paper finds that Large Language Models (LLMs) could be
-
"New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset"A researcher named Bartek Nowotarski has disclosed a new Denial-of-Service (DoS) attack method called "HTTP/2 Continuation Flood," which could pose a more serious threat than Rapid Reset, the vulnerability exploited in 2023 to launch the largest Distri
-
"Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks"Google is testing a new Chrome feature called Device Bound Session Credentials (DBSC) to help protect users from session cookie theft by malware.
-
"Attackers Abuse Google Ad Feature to Target Slack, Notion Users"Attackers are using Google Ads to spread information-stealing malware, launching an ad-tracking feature to lure corporate users with fake ads for collaborative groupware such as Slack and Notion.
-
"Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed!"The Heartbleed bug turned ten years old on April 1. In March 2014, Google and Codenomicon discovered the Heartbleed bug in OpenSSL, and it was reported on April 1, 2014.
-
"USF Research Reveals Language Barriers Limit Effectiveness of Cybersecurity Resources"Fawn Ngo, an associate professor at the University of South Florida College of Behavioral and Community Sciences, explored the connections among demographic characteristics, cyber hygiene practices, and cyber victimization using a sample of Limited Eng
-
"Cloud Email Filtering Bypass Attack Works 80% of the Time"Researchers have discovered a misconfiguration in popular enterprise cloud-based email spam filtering services. The study shows that organizations are far more vulnerable to email-based cyber threats than they realize.
-
"Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware"Information stealers, including "Atomic Stealer," are being delivered to Apple macOS users through malicious ads and fake websites.
-
"UK Law Enforcers Arrest 400 in Major Fraud Crackdown"UK police recently arrested hundreds of suspects and seized $15m as part of an ongoing crackdown on rampant fraud in the country.
-
"Vultur Banking Malware for Android Poses as McAfee Security App"Security researchers have discovered a new version of the Android "Vultur" banking Trojan with more advanced remote control capabilities and a better evasion mechanism.
-
"Escalating Malware Tactics Drive Global Cybercrime Epidemic"WatchGuard reports that evasive, basic, and encrypted malware increased in the fourth quarter of 2023, contributing to a boost in total malware.
-
"Shopping Platform PandaBuy Data Leak Impacts 1.3 Million Users"Have I Been Pwned (HIBP) recently announced that data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems.