ChatGPT and other AI-themed lures used to deliver malicious software
“Since the beginning of 2023 until the end of April, out of 13,296 new domains created related to ChatGPT or OpenAI, 1 out of every 25 new domains were either malicious …
BSidesLjubljana 0x7E7 CFP is still open!
BSidesLjubljana 0x7E7, a non-profit conference organized by the information security community, will take place on June 16, 2023, at the C111 Computer Museum. The deadline for …
Amazon Inspector allows search of its vulnerability intelligence database
Amazon Inspector is designed to manage vulnerabilities by continuously scanning your AWS workloads for software vulnerabilities and unintended network exposure across your …
Top API vulnerabilities organizations can’t afford to ignore
75% of organizations typically change or update their APIs on a daily or weekly basis, creating a significant challenge for protecting the changing API attack surface, …
Unpaid open source maintainers struggle with increased security demands
Ensuring the security of the open-source software that modern organizations depend on is a crucial responsibility of the open source maintainers, especially as attacks on the …
You can now use passkeys to log in to your Google account
Users can now create passkeys for their Google account, the company has announced on Wednesday. Passkeys will enable users to sign in to their Google account on all major …
Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)
Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for …
Google Chrome will lose the “lock” icon for HTTPS-secured sites
In September 2023, Google Chrome will stop showing the lock icon when a site loads over HTTPS, partly due to the now ubiquitous use of the protocol. The misunderstood Lock …
T-Mobile suffers second data breach this year
T-Mobile has revealed a second data breach that occurred in 2023, which reportedly exposed customer data and account PINs, leaving many T-Mobile users vulnerable to potential …
Tython: Open-source Security as Code framework and SDK
Development teams utilize automation through Infrastructure as Code (IaC) to facilitate rapid and frequent changes to their cloud-native architectures. Security teams must …
Malicious content lurks all over the web
Attackers are finding new ways to evade detection and blend in with normal network traffic using HTTP and HTTPS to deliver malware, according to Netskope. On average, five out …
Security in the cloud with more automation
Hopefully, you’ve been working with the Center for Internet Security (CIS) on securing your cloud infrastructure for a while now. Initially, you might have used our CIS …