[tl;dr sec] #215 – Cloud Threat Landscape, Web LLM Security Labs, Azure Logs Primer
I hope you’ve been doing well! 🐕️ Dogn’t You Dare Last week, I shared that recently I slid on something questionable while entering a BART…
Month: January 2024
Tesla hacked again, 24 more zero-days exploited at Pwn2Own Tokyo
Security researchers hacked the Tesla infotainment system and demoed 24 more zero-days on the second day of the Pwn2Own Automotive 2024 hacking competition. Synacktiv Team…
Researchers Awarded Over $1 Million in Pwn2Own Hacking Competition
At Pwn2Own Automotive 2024 Day 2, researchers were rewarded over $1 million for exploiting Tesla infotainment systems, Sony, Alphine players, Autel charging systems, and much more. On the…
REVIEW OF THE ISC2 CISSP CERTIFICATION
As companies increasingly embrace digital transformation, the cybersecurity threat environment constantly evolves. However, there is a notable shortage of skilled cybersecurity leaders. This is where…
Searchlight Cyber adds AI-powered language translation to simplify dark web investigations
Searchlight Cyber has added AI-powered language translation into its dark web investigation and monitoring products DarkIQ and Cerberus. This enhancement gives cybersecurity professionals instant access…
Patch now! Fortra GoAnywhere MFT vulnerability exploit available
On January 22, 2024, software company Fortra warned customers about a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) that allows an attacker…
SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks
Jan 25, 2024NewsroomRemote Access Trojan Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. “SystemBC can be…
The race to regulate AI: 2024 unpacked
2023 was a breakout year for AI in the commercial and consumer worlds. This has created huge momentum for further growth in investment, development and…
Cisco warns of critical RCE flaw in communications software
Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a critical severity remote code execution…
Ensuring Data Security in Retail ERP
Retail ERP systems are typically integrated with other key business systems, including eсommerce platforms, procurement and HR software, CRM, and POS tools. This turns them…
Russian hackers breached Microsoft, HPE corporate maliboxes
Cozy Bear (aka Midnight Blizzard, aka APT29) has been busy hacking and spying on big tech companies: both Microsoft and Hewlett Packard Enterprise (HPE) have…
AI likely to boost ransomware, warns government body
The British National Cyber Security Centre (NCSC) says it expects Artificial Intelligence (AI) to heighten the global ransomware threat. In a report, the NCSC makes…