The treaty would allow any country to request technology firms to aid in cybercrime investigations and preserve data about their users — potentially imperiling penetration testers and security researchers, among others. Go to Source Author: Robert Lemos, Contributing Writer
Category Archives: Uncategorized
The vulnerability has been around for nearly 20 years and gives sophisticated attackers a way to bury virtually undetectable bootkits on devices with EPYC and Ryzen microprocessors. Go to Source Author: Jai Vijayan, Contributing Writer
More than 100 Ukrainian government devices have been affected by the threat that is being tracked as UAC-0198. Go to Source Author: Dark Reading Staff
A quick and easy exploit for crashing Windows computers has no fix yet nor really any way to mitigate its effects. Go to Source Author: Nate Nelson, Contributing Writer
The recent outage highlights the critical importance of adhering to established processes and governance frameworks. Go to Source Author: Erik Severinghaus
US citizens play middleman between US companies and the North Korean government agents they unwittingly hire. Go to Source Author: Nate Nelson, Contributing Writer
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content […]
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. “If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing Go […]
After a good year of sustained exuberance, the hangover is finally here. It’s a gentle one (for now), as the market corrects the share price of the major players (like Nvidia, Microsoft, and Google), while other players reassess the market and adjust priorities. Gartner calls it the trough of disillusionment, when interest wanes and implementations […]
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity. “A signal handler in sshd(8) […]