Hot Topics

Hacking

Who Are APT29?

| | APT29, Hacking, Malware, Threats and Trends
Russian hacker group APT29 is one of the most technically skilled and organized threat actors ...
Blog – Coro Cybersecurity
Get a demo

Roku experiences another data breach; Apple notifies users about mercenary spyware attacks

| | Data breaches, Hacking, research, Thursday Threats
It’s rare to see a data breach study observers call a “mixed bag.” Normally, reports on data breaches are grim, touting how each year was a record high for the number of ...
BlackCloak | Protect Your Digital Life™

Linux Backdoor Infection Scare, Massive Social Security Number Heist

| | backdoor, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, government, Government Contractor, Hacking, Information Security, Infosec, Linux, open source, pii, Podcast, Podcasts, Privacy, security, sensitive data, Social Security Numbers, technology, Weekly Edition, XZ Utils
In episode 325, Tom and Kevin discuss a significant backdoor threat that nearly compromised Linux systems globally, stemming from an infiltration into an open-source project called XZ Utils by attackers who gained ...
Shared Security Podcast

Backdoor in XZ Utils That Almost Happened

| | backdoors, economics of security, essays, Hacking, Infrastructure, Linux, national security policy, open source, SSH, supply chain, Uncategorized
Last week, the Internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s ...
Schneier on Security

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

| | china, email, Hacking, Microsoft, Privacy, Uncategorized
The US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails ...
Schneier on Security

XZ Utils Backdoor

| | backdoors, Hacking, Linux, open source, SSH, Uncategorized
The cybersecurity world got really lucky last week. An intentionally placed backdoor in XZ Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have ...
Schneier on Security

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

| | Cybersecurity, Hacking, hotels, Internet of things, locks, Uncategorized, Vulnerabilities
It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security ...
Schneier on Security
Who's to Blame for Hacked Social Media Accounts?

Who’s to Blame for Hacked Social Media Accounts, Spoofed Online Meeting Requests and Malware

| | , Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, facebook, google, hacked, Hacking, Information Security, Infosec, Instagram, Malware, Meeting Invite, Meta, Microsoft Teams, online, Podcast, Podcasts, Privacy, rat, RATs, remote-access Trojan, security, social media, Spoofed Online Meetings, spoofing, Teams, technology, Weekly Edition, Zoom
In episode 320, Tom and Scott discuss the contentious issue of who is accountable when Facebook or Instagram accounts are hacked, discussing potential failings on both the user’s and Meta’s part. They ...
Shared Security Podcast

A Taxonomy of Prompt Injection Attacks

| | academic papers, Artificial Intelligence, Hacking, LLM, Uncategorized
Researchers ran a global prompt hacking competition, and have documented the results in a paper that both gives a lot of good examples and tries to organize a taxonomy of effective prompt ...
Schneier on Security

Stopping Credential Stuffing Attacks: We Need to Do Better

| | AI Application Security, API security, cyberattacks, Hacker News, Hacking
Do you know what 23andMe, Jason's Deli, North Face, and Hot Topic have in common? They've all been breached by successful credential stuffing attacks in the last year!  An attack type that ...
Wallarm
Load more

Secure Guardrails