Security News

Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI)...

The future of data privacy is the end of compromise. With the world producing data at astounding rates, we need ways to put data to the best use while protecting against breaches and ensuring privacy, data protection and access control.

Skytrack is an open-source command-line tool for plane spotting and aircraft OSINT reconnaissance. The tool utilizes multiple data sources to collect information on aircraft, can produce a PDF report for a specific aircraft, and offers conversion between ICAO and Tail Number designations.

He discusses ransomware gangs, the role of cyber insurance, and how governments and regulatory bodies are responding to the ransomware threat. In light of the increasing sophistication of ransomware attacks, can you discuss the dynamics of negotiating with ransomware gangs? How do these negotiations typically unfold, and what are the critical business considerations during these interactions?

Besides helping security teams perform these tasks more accurately, AI also helps them improve their working speed. Speed is also what cybercriminals are achieving when harnessing the power of AI: it allows them to quickly adapt their attacks to new security measures.

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian...

While Netskope expects the total number of users accessing AI apps in the enterprise to continue rising moderately next year, there is an emerging population of power users who are steadily growing their use of generative AI apps. Overall adoption of cloud applications continued to rise throughout the year, with enterprise users consistently trying out new apps while increasing their usage of the most popular apps.

Toyota Tsusho Insurance Broker India, an Indo-Japanese joint insurance venture, operated a misconfigured server that exposed more than 650,000 Microsoft-hosted email messages to customers, a security researcher has found. Zveare then examined the calculator web page on the TTIBI website and saw that it included a client-side function that created a request to send email using a server-side API. "This caught my eye because this was a client-side email sending mechanism," he wrote in a post describing his findings.

Research made public on Tuesday detailed how miscreants can exploit the hole to read data they're not supposed to in a system's local GPU memory. While the flaw potentially affects all GPU applications on vulnerable chips, it is especially concerning for those processing machine-learning applications because of the amount of data these models process using GPUs, and therefore the amount of potentially sensitive information that could be swiped by exploiting this issue.

Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to its data breach notification service. The Naz.API dataset is a massive collection of 1 billion credentials compiled using credential stuffing lists and data stolen by information-stealing malware.