🐛 COMMON VULNERABILITIES AND EXPOSURES 2[−]
1 JanNew Terrapin Flaw Could Let Attackers Downgrade SSH Protocol SecuritySecurity researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin …THEHACKERNEWS.COM
1 JanHTTP RFCs Have Evolved, Breaking Into Cloud, Scaling AppSec at Netflix, & Confluence ... - ASW VaultHTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/vault-asw-7YOUTUBE.COM
⚠️ VULNERABILITY DISCLOSURE 4[−]
1 JanNew Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 ProtectionsSecurity researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11. The …THEHACKERNEWS.COM
1 JanOperation Triangulation: What You Get When Attack iPhones of Security Researcherssubmitted by c0mmando to netsec 1 points | 0 comments https://media.ccc.de/v/37c3-11859-operation_triangulation_what_you_get_when_attack_iphones_of_researchers Imagine discovering a zero-click attack targeting Apple mobile devices of your colleagues and managing to capture all th…MEDIA.CCC.DE
1 JanThe law enforcement operations targeting cybercrime in 2023In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. [...]BLEEPINGCOMPUTER.COM
1 JanThe biggest cybersecurity and cyberattack stories of 20232023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 1[−]
1 JanCybersecurity Trends to Watch in 2024Expert Panelists Debate Impact of AI, Geopolitics and New Tactics in the Year Ahead In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Rans…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 6[−]
1 JanNew JinxLoader Targeting Users with Formbook and XLoader MalwareA new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which …THEHACKERNEWS.COM
1 Jan50+ Network Penetration Testing Tools for Hackers & Security Professionals – 2024Network Security tools for Penetration testing is more often used by security industries to test the vulnerabilities in network and applications. Here you can find the Comprehensive Network Security Tools list that covers Performing Penetration testing Operations in all Environme…GBHACKERS.COM
1 JanIt is possible to extract encryption keys by recording coil whine with a phone next to the computer (2013 paper)submitted by HiddenLayer5 to security 2 points | 1 comments https://web.archive.org/web/20230604104001/https://www.tau.ac.il/~tromer/papers/acoustic-20131218.pdf A more TLDR article about this: extremetech.com/…/173108-researchers-crack-the-wo… FAQs from the researchers: web.arch…WEB.ARCHIVE.ORG
1 JanMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
1 JanAI Wars 2024: The Race for Ethical Artificial Intelligencesubmitted by UBER_GheistXL to securitynews 1 points | 0 comments https://youtu.be/4LhDpXSCggQYOUTU.BE
1 JanThe Booming Business of Cybersecurity - Robert Herjavec - BSW VaultRobert Herjavec, CEO of Cyderes, was the keynote speaker at InfoSec World 2022, where he discussed the momentum we continue to see in the cybersecurity industry. Topics included mergers & acquisitions, Robert's outlook on the cyber market, staffing shortages, and nation state thr…YOUTUBE.COM
📡 INFOSEC NEWS 1[−]
1 JanIndustry Moves for the week of January 1, 2024 - SecurityWeekExplore industry moves and significant changes in the industry for the week of January 1, 2024. Stay updated with the latest industry trends and shifts.SECURITYWEEK.COM