Brave browser will prevent websites from port scanning visitors
We take a look at reports that Brave browser will prevent port scans of website visitors to keep them safe from tracking or other potentially…
Month: July 2023
Nine looks for new cyber security director – Training & Development – Security
Nine’s former group director of cyber security Celeste Lowe. Nine is looking for a new group director of cyber security following the departure of incumbent…
[tl;dr sec] #188 – Security Interview Questions, Secret Scanning Tools, PentestGPT
I hope you’ve been doing well! The “Full Utah” Experience Last weekend I got to hang out with my friend Scott Piper, and he gave…
Of sharks, surveillance, and spied on emails
This week on Lock and Code, we speak with Matthew Guargilia about the NSA’s broad powers to sweep up Americans’ emails, DMs, messages, and all…
Cache Me If You Can: Messing with Web Caching
In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning. Note: this was an awesomely dense, technical…
Anonymous Sudan claims to have stolen 30 million Microsoft’s customer accountsSecurity Affairs
Microsoft denied the data breach after the collective of hacktivists known as Anonymous Sudan claimed to have hacked the company. In early June, Microsoft suffered…
Police Bust International Phone Scam Gang Targeting Elderly
The alleged ringleader of the phone scam gang, which preyed on elderly individuals through fraudulent phone calls, has also been arrested. A major international law…
Chinese APT uses HTML smuggling to target European Ministries and embassiesSecurity Affairs
China-linked APT group was spotted using HTML smuggling in attacks aimed at Foreign Affairs ministries and embassies in Europe. A China-linked APT group was observed…
Microsoft denies data breach, theft of 30 million customer accounts
Microsoft has denied the claims of the so-called hacktivists “Anonymous Sudan” that they breached the company’s servers and stole credentials for 30 million customer accounts.…
New Meduza Malware Targets Wallets, Passwords and Browsers on Windows
Meduza authors are pushing the malware as a subscription-based service, offering plans for 1-month, 3-month, and lifetime access. Crimeware-as-a-Service (CaaS) operations have become the latest…
What is post-quantum cryptography and why is it important?
[ This article was originally published here ] Whether you work in the tech field or not, it’s likely that you’ve increasingly heard of quantum…
Patch Diffing CVE-2023-28121 to Compromise a WooCommerce – RCE Security
Back in March 2023, I noticed an interesting security advisory that was published by Wordfence about a critical “Authentication Bypass and Privilege Escalation” (aka CVE-2023-28121)…