Hot Topics

zero-day

Alarming Intrusion: Chinese Government Hackers Target US Internet Providers

Alarming Intrusion: Chinese Government Hackers Target US Internet Providers

| | Blog, government, Infrastructure, nation-state attacks, Nation-State Bad Actors, Nation-State Threat Actors, national cybersecurity, National Cybersecurity Strategy, Uncategorized, Zero Day Attacks, zero-day, zero-day attack, zero-day attack identification, Zero-day threats
A recent Washington Post report sent shockwaves through the cybersecurity landscape, revealing that Chinese government-backed hackers have infiltrated at least two major US internet service providers (ISPs) and several smaller ones ...
MixMode
Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year

Critical Microsoft Zero-Day Vulnerability Exploited in the Wild for Over a Year

| | azure, Blog, Cybersecurity News, Zero Day Attacks, zero-day, zero-day attack
A severe zero-day vulnerability in Microsoft Windows, tracked as CVE-2024-38112, has been actively exploited by threat actors for at least 18 months. This security flaw in the Windows MSHTML Platform allows remote ...
MixMode
Nation-States and Zero-days Cranking Up the Heat

Nation-States and Zero-days Cranking Up the Heat

| | Blog, nation-state attacks, national cybersecurity, National Cybersecurity Strategy, Zero Day Attacks, zero-day, zero-day attack, zero-day attack identification, Zero-day threats
Summertime isn't just for vacations and barbecues—it's also prime season for zero-day attacks. These attacks, launched by malicious actors exploiting previously unknown vulnerabilities in software, are a significant concern for national security ...
MixMode
Facial Recognition Fail: How It Misidentified an Innocent Man

Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices

| | arrest, Cyber Security, Cybersecurity, data, Data Privacy, Delete My Data, Detroit, Detroit Police, Digital Forensics, Digital Privacy, Episodes, Exploit, facial recognition, hard drive, HDD, Information Security, Infosec, Old Computer, Old PC, openssh, personal data, Podcast, Podcasts, Privacy, Qualys, RegreSSHion, Secure Wipe, security, SSH, technology, vulnerability, Weekly Edition, zero-day
In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion‘ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police ...
Shared Security Podcast

Using LLMs to Exploit Vulnerabilities

| | academic papers, Artificial Intelligence, cyberattack, Cybersecurity, LLM, Uncategorized, Vulnerabilities, zero-day
Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world ...
Schneier on Security
Cybersecurity Insights with Contrast CISO David Lindner | 5/24/24

Cybersecurity Insights with Contrast CISO David Lindner | 5/24/24

| | Contrast Assess, Contrast Protect, CVE, runtime security, zero-day
Insight #1 Tool consolidation continues, with Palo Alto’s plans to absorb IBM's QRadar software. This movement will continue and makes sense for the consumers of security software, as well. The reasons are ...
AppSec Observer
Cybersecurity Insights with Contrast CISO David Lindner | 5/24/24

Cybersecurity Insights with Contrast CISO David Lindner | 5/24/24

| | Contrast Assess, Contrast Protect, CVE, runtime security, zero-day
Insight #1 Tool consolidation continues, with Palo Alto’s plans to absorb IBM's QRadar software. This movement will continue and makes sense for the consumers of security software, as well. The reasons are ...
AppSec Observer
Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack

Zero-Day Nightmare: Palo Alto, Cisco, and MITRE Under Attack

| | Blog, government, MITRE ATT&CK, national cybersecurity, National Cybersecurity Strategy, Palo Alto Network, Palo Alto Networks, Zero Day Attacks, zero-day, zero-day attack, Zero-day threats
Zero-day threats continue to wreak havoc on organizations worldwide, with recent attacks targeting corporate and government networks. In the last few weeks, government-sponsored threat actors have targeted Palo Alto Networks and Cisco ...
MixMode

Preparing for Holiday Cyberattacks

| | advice, application protection, Best Practices, Cybersecurity, next gen security, Phishing, security, Security Research, vulnerability, zero-day
How can security teams be ready for holiday cyberattacks and a seasonal peak in cybercrime? Holiday cyberattacks are on the rise. The vacation season, be it Christmas, Hanukkah, Easter, St. Patrick’s Day, ...
TrueFort

WordPress Form Plugin Vulnerability CVE-2024-28890 Affecting 500k+ Sites

| | advice, application protection, Best Practices, Cybersecurity, lateral movement, microsegmentation, next gen security, Security Research, vulnerability, zero trust, zero-day
Urgent patching alert (CVE-2024-28890) lists critical vulnerabilities in Forminator plugin that affect over 500,000 WordPress sites  : OFFICIAL CVE-2024-28890 PATCHING INFORMATION :  WordPress is one of the most popular content management systems ...
TrueFort
Load more

Application Security Check Up