43 matches found
Join Us at Wasm I/O 2026
Akamai is sponsoring Wasm IO 2026 as part of our commitment to WebAssembly. Get all the details...
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
The elusive Iranian threat group known as Infy aka Prince of Persia has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control C2 infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of January...
Home Office Phishing Scam Target UK Visa Sponsorship System
Fake Home Office emails target the UK Visa Sponsorship System, stealing logins to issue fraudulent visas and run…...
Top 10 for LLM & Gen AI Project Ranked by OWASP
Trend Micro has become a Gold sponsor of the OWASP Top 10 for LLM and Gen AI Project, merging cybersecurity expertise with OWASP's collaborative efforts to address emerging AI security risks. This partnership underscores Trend Micro's unwavering commitment to advancing AI security, ensuring a...
3 New State-Backed Gangs Target Govt Sectors with HEAT Attack Methods
Global cyber gangs are evolving rapidly, wielding advanced techniques and enjoying state sponsorship. Menlo Security’s latest report exposes…...
PTP at DEF CON 31 2023
Come and see us at the Aerospace Village, at Caesars Forum. Aerospace Village Fri 11th to Sun 13th Activity Take off in an A320 with hacked engine performance calculator. Then try to land it again. Fri 11th August 5:00 PM Pen Test Partners Power Hour We’ll be talking about: Hacking Electronic...
Sponsor function allows voiding some elses chance to win
Lines of code Vulnerability details Impact Anyone can delegate someone elses balance to the sponsorship address, increasing their own likelihood of winning, while voiding the victims chance. Proof of Concept The issue is in the call-chain starting with Vault.sponsor: //Vault function sponsoruint2...
2023 CWE Top 25 Most Dangerous Software Weaknesses
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration CWE Top 25 Most Dangerous Software Weaknesseslink is external. The CWE Top 25 is calculated by analyzing...
New DownEx Malware Campaign Targets Foreign Government Institutions in Central Asia
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The DownEx malware was discovered in a cyberattack on government institutions in Kazakhstan and Afghanistan in 2022, likely with state sponsorship. The attackers used spear-phishing emails to infiltrate...
TikTok Paid for Influencers to Attend the Pro-TikTok Rally in DC
The embattled social media company brought out the checkbook to ensure at least 30 of its biggest assets—creators—were in DC to help fend off critics...
GHSA-V829-X6HH-CQFQ Crossplane-runtime contains Improper Input Validation via Compositions
Summary Fuzz testing, by Ada Logics and sponsored by the CNCF, identified a vulnerability in the fieldpath package from crossplane/crossplane-runtime that an already highly privileged Crossplane user able to create or update Compositions could leverage to cause an out of memory panic in Crossplan...
International Women’s Day: The power of diversity to build stronger cybersecurity teams
Women’s History Month is a special time for me as I reflect on all the great innovations women have made over the years. Women have driven technology forward throughout history. Notable women in cybersecurity like cryptologists Agnes Meyer Driscoll and Genevieve Grotjan Feinstein worked behind th...
Researchers Uncover Connection b/w Moses Staff and Emerging Abraham's Ax Hacktivists Group
New research has linked the operations of a politically motivated hacktivist group known as Moses Staff to another nascent threat actor named Abraham's Ax that emerged in November 2022. This is based on "several commonalities across the iconography, videography, and leak sites used by the groups,...
Meet Wiz at KubeCon North America
Wiz will be attending and sponsoring KubeCon for the first time and we have a lot to share regarding how enterprises can better secure their container and Kubernetes environments. Come say hi!...
Beware bogus OperaGX sponsorship offers
If you’re a YouTuber, watch out for bogus Opera missives winging their way to you. The Browser team has had to send out a warning in relation to scammy antics trading on their good name. At a time when people are stretched for cash, nothing could be better than a promo mail bearing good news...
IoT Cybersecurity Improvement Act Passed, Heads to President's Desk
Security experts are applauding the recent stamp of approval by the U.S. Senate on a groundbreaking internet-of-things IoT security regulatory effort. The IoT Cybersecurity Improvement Act, which was led in bipartisan sponsorship by Reps. Will Hurd R-Texas and Robin Kelly D-Ill., would require th...
Podcast: Managing an Out-Of-Control Security Tech Stack
This podcast is sponsored by Arctic Wolf. In this sponsored podcast, Threatpost podcast host Cody Hackett and Sam McLane, chief technology officer with Arctic Wolf, discuss important considerations when building a multi-layered cybersecurity strategy and best practices when evaluating security...
All the places you can see and hear Talos at Black Hat 2019
It is once again time for Security Summer Camp – the annual week when security experts descend upon Las Vegas for Black Hat and DEFCON. Talos will be around all week, but we want to start off with a Black Hat preview — the Defcon one will be here later today. Throughout the conference, Talos...
Practical advice for earning higher Microsoft bounty awards
This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core...
Wallarm to Sponsor AppSec Cali
If you are a SecOps or DevOps professional on the west coast you can not miss the premier California application security event: AppSec California, January 22–25th in Santa Monica. Here are testimonials from the previous AppSec Cali events: “I'm looking forward to AppSecCali next week. Last year...