This OpenSSL vulnerability allows to read memory contents or launch DoS attack
On Tuesday, the OpenSSL Project released a significant security update in order to address at least eight identified security weaknesses. These flaws leave OpenSSL users…
Month: February 2023
List of Proxy IPs Exposed to Block Killnet’s DDoS Bots
A list of proxy IPs used by Killnet and other network spamming gangs to target unsuspecting users means it is now possible to prevent the…
NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
Feb 08, 2023Ravie LakshmananEncryption / IoT Security The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and…
Security Think Tank: Poor training is worse than no training at all
A change is underway in security training of all kinds. Security managers are being asked to step up and make a real difference in training;…
Malicious Dota 2 game modes infected players with malware
Security researchers have discovered four malicious Dota 2 game modes that were used by a threat actor to backdoor the players’ systems. The unknown attacker created four…
Second UK Computer Misuse Act consultation reflects ‘very little progress’
Campaigner bemoans glacial progress of review and urges government to set clear timetable A review of the UK’s creaking cybercrime laws has been criticized for…
Researcher Hacked Toyota’s Global Supplier Portal
The Global Supplier Preparation Information Management System, or GSPIMS, of Toyota, was breached by a security researcher using a backdoor. After 90 days, the hacker…
How to Use Cloud Access Security Brokers for Data Protection
A cloud access security broker is a security policy enforcement point that can be located on-premises or in the cloud. Its purpose is to aggregate…
Analysis: Could NIST’s Cybersecurity Framework 2.0 be the beginning of international best practice?
[ This article was originally published here ] By John E. Dunn It’s been nearly seven years since the 1.1 revision of NIST’s Cybersecurity Framework.…
Unpatched Security Flaws Disclosed in Multiple Document Management Systems
Feb 08, 2023Ravie LakshmananVulnerability Management Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System (DMS) offerings from four vendors…
Prolific social media fraudster jailed for three years
A prolific cyber criminal who used encrypted social media platform Telegram in a series of long-running frauds has been sentenced at Croydon Crown Court to…
Italian Winery Cantina Tollo, The Latest Victim of Cyber Attack
Premier Italian winery Cantina Tollo has disclosed a malicious cyber attack. The announcement came close on the heels of LockBit ransomware gang claiming Cantina Tollo…