Security News > 2023
Researchers are exploring promising quantum computing applications across various domains, from cryptography and optimization problems to drug discovery and artificial intelligence. Quantum computers, with their ability to perform complex calculations at speeds unattainable by classical counterparts, possess the potential to crack widely used encryption methods, posing a significant threat to the privacy and security of sensitive information.
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228 that carries the maximum severity rating, despite patches being available for more than two years. Log4Shell is an unauthenticated remote code execution flaw that allows taking complete control over systems with Log4j 2.0-beta9 and up to 2.15.0.
Kali Linux 2023.4 released: New tools, Kali for Raspberry Pi 5, and more!OffSec has released Kali Linux 2023.4, the latest version of its penetration testing and digital forensics platform. Microsoft will offer extended security updates for Windows 10Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support on October 14, 2025: both enterprises and individual consumers will be able receive Extended Security Updates, but will have to pay for them.
In a presentation at the Black Hat Europe security conference, researchers from the International Institute of Information Technology at Hyderabad said that their tests showed that most password managers for Android are vulnerable to AutoSpill, even if there is no JavaScript injection. Password managers on Android use the platform's WebView framework to automatically type in a user's account credentials when an app loads the login page to services like Apple, Facebook, Microsoft, or Google.
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and...
An unknown pro-Russia influence group spent time recruiting unwitting Hollywood actors to assist in smear campaigns against Ukraine and its president Volodymyr Zelensky. Exploiting platforms like Cameo, which allows people to pay public figures for personalized videos, usually for events like birthdays, this influence operation compensated US celebrities to record videos for a "Vladimir," supporting his fight against substance addiction.
Threat hunters have unmasked the latest tricks adopted by a malware strain called GuLoader in an effort to make analysis more challenging. "While GuLoader's core functionality hasn't changed...
Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. "On May 9, 2023, Norton Healthcare discovered that it was experiencing a cybersecurity incident, later determined to be a ransomware attack," it said in a press release published on Friday.
Two competing bills to reauthorize America's FISA Section 702 spying powers advanced in the House of Representatives committees this week, setting up Congress for a battle over warrantless surveillance before the law lapses in the New Year. The bipartisan bill reauthorizes Section 702 of the Foreign Intelligence Surveillance Act for three years with reforms including requiring all US intelligence agencies to obtain a warrant before conducting a US person query.
The woman-who has only been identified by her surname, Wang-was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone's selections arrived at the table, she posted a photo of the spread on the Chinese social media platform WeChat.