The Week in Ransomware – March 24th 2023
This week’s news has been dominated by the Clop ransomware gang extorting companies whose GoAnywhere services were breached using a zero-day vulnerability. Over the past…
Latest Cybersecurity News — Page 5814
View all →
There are better options for a privacy-respecting phone
Meet the new, better Apple. Here’s how to choose your phone and set it up. Whether you think the news of Apple scanning your private…
FBI confirms access to Breached cybercrime forum database
Today, the FBI confirmed they have access to the database of the notorious BreachForums (aka Breached) hacking forum after the U.S. Justice Department also officially…
ChatGPT could not find vulnerabilities in its own system. How vulnerabilities allowed user account takeover and leaked payment data
An flaw in an open-source library was the cause of an outage that occurred earlier this week for the ChatGPT service, according to OpenAI’s disclosure.…
Why Tackling Financial Crime Calls for A Privacy-First Approach
By Dr. Alon Kaufman, CEO and Co-Founder of Duality Technologies To gain the upper hand in the fight against financial crime, banks and other financial…
The Mr Robot “Hack Twitch” video
The Mr Robot “Hack Twitch” video Source link
Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own
On the third day of the Pwn2Own hacking contest, security researchers were awarded $185,000 after demonstrating 5 zero-day exploits targeting Windows 11, Ubuntu Desktop, and…
Why You Can’t Have True Zero Trust Without API Security
By Richard Bird, Chief Security Officer, Traceable Global adoption of Zero Trust security models is soaring and with good reason. Due to organizations’ embrace of…
ChatGPT Bug Exposed Payment Details of Paid Users
Earlier, a ChatGPT bug exposed conversation histories to other users, but now reports indicate that the bug also exposed the payment details of paid users…
The Best Bug Bounty Recon Methodology
My first introduction to reconnaissance was Jason Haddix’s Bug Bounty Hunters Methodology. It’s the de facto standard and is still updated every year. There are…
Microsoft shares tips on detecting Outlook zero-day exploitation
Microsoft today published a detailed guide aiming to help customers discover signs of compromise via exploitation of a recently patched Outlook zero-day vulnerability. Tracked as…
Pre Auth Remote Command Execution (CVE-2022-36804) – Assetnote
Often when performing application security research, we come across other researchers who have found critical vulnerabilities in software that can inspire us to dig deeper…