Security News > 2024 > April

The basic plan was to develop coded messages from recordings of whales, dolphins, sea lions, and seals. The submarine would broadcast the noises and a computer-the Combo Signal Recognizer-would detect the specific patterns and decode them on the other end.

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more...

Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. "In credential stuffing attacks, adversaries attempt to sign-in to online services using large lists of usernames and passwords obtained from previous data breaches of unrelated entities, or from phishing or malware campaigns," Okta's Moussa Diallo and Brett Winterford explained.

A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in...

Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The new paper, "Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor," details two novel attacks that could compromise the billions of Intel processors in use.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws,...

The Board will advise the Secretary, the critical infrastructure community, other private sector stakeholders, and the broader public on the safe and secure development and deployment of AI technology in nation's critical infrastructure. Create a forum for DHS, the critical infrastructure community, and AI leaders to share information on the security risks presented by AI. The Board will help DHS stay ahead of evolving threats posed by hostile nation-state actors and reinforce our national security by helping to deter and prevent those threats.

Please turn on your JavaScript for this page to function normally. Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application's system prompt against dynamic LLM-based threats.

Please turn on your JavaScript for this page to function normally. Insider threats are a prominent issue and can lead to serious security breaches.