10 matches found
Russian Hackers Stole Microsoft Source Code—and the Attack Isn’t Over
Plus: An ex-Google engineer gets arrested for allegedly stealing trade secrets, hackers breach the top US cybersecurity agency, and X’s new feature exposes sensitive user data...
CVE-2023-44487
A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RSTSTREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any...
Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things
The recently published United States National Cybersecurity Strategy warns that many popular Internet of Things IoT devices are not sufficiently secure to protect against many of today’s common cybersecurity threats.1 The strategy also cautions that many of these IoT devices are difficult—or, in...
U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency has added a batch of six flaws to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. This comprises three vulnerabilities that Apple patched this week CVE-2023-32434, CVE-2023-32435, and CVE-2023-32439...
Microsoft Patch Tuesday for April 2023 — Snort rules and prominent vulnerabilities
Microsoft released its monthly round of security updates and patches today, continuing its trend of fixing zero-day vulnerabilities on Patch Tuesday. Aprils security update includes one vulnerability thats actively being exploited in the wild. There are also eight critical vulnerabilities and the...
How web data is leading US cybersecurity to unreached possibilities
By Owais Sultan Businesses across the United States are using web scraping, or web data collection, infrastructure as a first line… This is a post from HackRead.com Read the original post: How web data is leading US cybersecurity to unreached possibilities...
Is Your Data Safe? Check Out Some Cybersecurity Master Classes
Since cybersecurity is definitely an issue that's here to stay, I've just checked out the recently released first episodes of Cato Networks Cybersecurity Master Class Series. According to Cato, the series aims to teach and demonstrate cybersecurity tools and best practices; provide research and...
How Trump’s Ukraine Mess Entangled CrowdStrike
A US cybersecurity company became a topic of interest for President Donald Trump in his call with Ukraine’s Volodymyr Zelensky...
This Week in Security News: Medical Malware and Monitor Hacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how baby monitors may be susceptible to hacking. Also, learn about a medical flaw that enables hackers to hide malware. Read on: Is Yo...
How to Punish Cybercriminals
Interesting policy paper by Third Way: "To Catch a Hacker: Toward a comprehensive strategy to identify, pursue, and punish malicious cyber actors": In this paper, we argue that the United States currently lacks a comprehensive overarching strategic approach to identify, stop and punish...