Hot Topics

Vulnerabilities

Radware DDoS-for-hire

An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says

| | CloudFlare, Cybersecurity, ddos
Distributed DDoS attacks are becoming increasingly sophisticated and complex, making an already-expanding threat landscape even more challenging ...
Security Boulevard
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List

| | android spyware, Biden administration, Commerce Department, Cytrox, Department of Commerce, Entity List, eu, Europe, European Union, European Union (EU), Intellexa, iOS spyware, Malware Spyware, Predator spyware, SB Blogwatch, spyware
European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S ...
Security Boulevard
PCI-DSS PayPal Visa AI digital payments Security the Price of Convenience in Supply Chain Payments

PCI-DSS 4.0 is Here. What Does it Mean for Online Retailers?

| | Cybersecurity, Fraud, payment card security, PCI DSS, retail
PCI-DSS 4.0 was released in early 2022 with a two-year transition period to allow organizations time to learn about and implement it. Are you ready for the transition? ...
Security Boulevard
ChatGPT Spyderbat Lacework Zerologon Malware Complacency

ChatGPT Provides Limited Help Identifying Malware

| | Artificial Intelligence, ChatGPT, Endor Labs, Malware, software supply chain
Current LLM-based tech like ChatGPT can accurately classify malware risk in only 5% of cases—and they may never be able to recognize novel approaches used to create malware ...
Security Boulevard
Microsoft ransomware AWS Spring4Shell flaws vulnerabilities WhiteSource Python

CISA to Gov’t Agencies: Mitigate a Flaw in Windows and Office

| | cisa, Cybersecurity, Microsoft, NATO, RomCom
The U.S. government is giving federal agencies three weeks to mitigate a zero-day Microsoft Windows and Office security flaw exploited by the Russian-linked RomCom threat group ...
Security Boulevard
GPT OpenSSF AI ML Darktrace Concentric supply chain Palo Alto AI partnership ai

The Two Faces of AI in Identity Management

| | AI, ChatGPT, deepfake, identity, identity and access management, rsa
The advent of AI made identity the most-targeted part of the attack surface. But without AI, identity is a sitting duck ...
Security Boulevard
Red Menshen budgets semiconductor data, secure, conflict, oil security tools budget dark, web, threat

APT Group Red Menshen is Rapidly Evolving its BPFDoor Malware

| | BPF, Linux, Malware, Red menshen, Trend Micro
Red Menshen is an APT group that is rapidly evolving its BPFDoor backdoor malware that targets systems running Linux or Solaris ...
Security Boulevard
OPSEC FAIL: US Military Email Going to Mali — via Typo

OPSEC FAIL: US Military Email Going to Mali — via Typo

| | defense department, Department of Defense, DoD, E-mail, email, Johannes Zuurbier, Mali, military, Military Communications, mxrecords, pentagon, Russia, SB Blogwatch, U.S. Department of Defense, U.S. military, United States Department of Defense, US DOD, US Military
MX Mixup: Russian-allied government can intercept “highly sensitive information”—because there’s no “I” in .ML ...
Security Boulevard
cisco Cyber Kill Switch

Cisco Nexus 9000 Users Must Disable Encryption to Dodge Vuln

| | cisco, Cisco 9000 series, encryption, Network Security, Nexus
There is no workaround or patch for a high-severity vulnerability—and none will be forthcoming—in Cisco’s Nexus 9000 series switches ...
Security Boulevard
audits, testing, API security vulnerabilities testing BRc4 Akamai security pentesting ThreatX red team pentesting API APIs Penetration Testing

Why Pentesting-as-a-Service is Vital for Business Security

| | Attack Surface Management, Network Security, Penetration Testing, pentesting, pentesting-as-a-service, vulnerability
Conducting regular penetration tests (pentests) is a proactive option that identifies, evaluates and mitigates risks ...
Security Boulevard
Load more