News
-
"Computer Scientists Awarded $3M to Bolster Cybersecurity"The Defense Advanced Research Projects Agency (DARPA), the research and development agency of the US Department of Defense (DOD), has awarded a team of computer scientists at Cornell University a $3 million grant in support of using reinforcement learn
-
"Building More Cyber-Resilient Satellites Begins With a Strong Network"Nation-states are prioritizing seizing control of another nation's satellite infrastructure and destroying or disabling it in today's global cyber cold war.
-
"EU Urged to Reconsider Cyber Resilience Act's Bug Reporting Within 24 Hours"Security professionals and researchers from ESET, Rapid7, the Electronic Frontier Foundation (EFF), and more, have expressed concerns over the European Union (EU) requiring software publishers to disclose unpatched vulnerabilities to government a
-
"Your Cheap Android TV Streaming Box May Have a Dangerous Backdoor"Earlier this year, security researcher Daniel Milisic discovered that an inexpensive Android TV streaming box called the T95 came infected with malware, and multiple other researchers confirmed his findings.
-
"Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day"Business software maker Atlassian recently called immediate attention to a major security defect in its Confluence Data Center and Server products and warned that the issue has already been exploited as zero-day in the wild.
-
"Phishing Campaign Targeted US Executives Exploiting a Flaw in Indeed Job Search Platform"According to Menlo Security researchers, threat actors have used an open redirection vulnerability contained by the Indeed job search platform to carry out phishing attacks.
-
"ChatGPT 'Not a Reliable' Tool for Detecting Vulnerabilities in Developed Code"According to a new report by NCC Group that examines various Artificial Intelligence (AI) cybersecurity use cases, generative AI, particularly ChatGPT, should not be considered a reliable resource for detecting vulnerabilities in developed code without
-
"Qualcomm Patches 3 Zero-Days Reported by Google"US chip giant Qualcomm recently announced patches for over two dozen product vulnerabilities, including three zero-days reported by Google cybersecurity units.
-
"NSA and ESF Partners Release Report on MFA and SSO Challenges"The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a Cybersecurity Technical Report (CTR) titled "Developer and Vendor Challenges to Identity and Access Management" to pr
-
"Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack"The discovery of a new deceptive package hidden within the npm package registry that deploys the open-source rootkit r77 marks the first time a malicious package has provided rootkit functionality.
-
"New 'Looney Tunables' Linux Bug Gives Root on Major Distros"By exploiting a buffer overflow flaw in the GNU C Library's (glibc) ld.so dynamic loader, a newly discovered Linux vulnerability called Looney Tunables allows local attackers to gain root privileges.
-
"Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials"Threat actors in a Business Email Compromise (BEC) campaign are using Dropbox messages to steal Microsoft user credentials.