SWEEPS Educational Initiative Offers Application Security Training
The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California…
Flaw in Wi-Fi Standard Can Enable SSID Confusion Attacks
Attackers can exploit the issue to trick users into connecting to insecure networks, but it works only under specific conditions.
Google: State hackers attack security researchers with new zero-day
Google's Threat Analysis Group (TAG) says North Korean state hackers are again targeting security researchers in attacks using at least…
VulnCheck Named CVE Numbering Authority for Common Vulnerabilities and Exposures
LEXINGTON, Mass.–(BUSINESS WIRE)–VulnCheck, the vulnerability intelligence company, today announced it has been authorized by the CVE Program as a CVE...
Microsoft Security Copilot Uses GPT-4 to Beef Up Security Incident Response
Microsoft's new AI assistant tool helps cybersecurity teams investigate security incidents and hunt for threats.
Tesla Model 3 Hacked in Less Than 2 Minutes at Pwn2Own Contest
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of…
The Ethics of Network and Security Monitoring
The chances of getting hacked are no longer low. Companies need to rethink their data collection and monitoring strategies to…
Public interest in Log4Shell fades but attack surface remains
It's been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat…
Credential-Stuffing Attacks on Remote Windows Systems Took Off in 2021
Password-guessing became last year's weapon of choice, as attackers attempted to brute-force vulnerable Remote Desktop Protocol (RDP) servers, SQL databases,…
Lazarus hackers target researchers with trojanized IDA Pro
A North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a…