In this Black Hat Europe preview, devices bridging critical machinery with the wider Internet are exposed and subject to numerous supply chain-induced bugs.
Cyber News, Cyber Threat Trends
Friends, forever Continue reading on The CISO Den »
Cyber News, Cyber Threat Trends
ACM.383 Security problems and workarounds if you choose to do this Continue reading on Cloud Security »
Cyber News, Cyber Threat Trends
A group of academics has disclosed a new “software fault attack” on AMD’s Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed CacheWarp (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and […]
Cyber News
Boeing Roughed-Up After Ransomware Deadline Expires The Beating Occurred Friday Amid an Aggressive New ‘Digital Extortion’ Crimewave In the uncannily evocative language of street parlance—Boeing just got jumped. Boeing, a leading aerospace and defense company, has been targeted by the notorious Lockbit syndicate in a significant ransomware attack. A vast amount of its confidential data […]
Cyber Thoughts
This is a current list of where and when I am scheduled to speak: I’m speaking at the AI Summit New York on December 6, 2023. The list is maintained on this page. Tags: Schneier news Sidebar photo of Bruce Schneier by Joe MacInnis.
Cyber News
Sad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users. Scammers began using .tk websites to do everything from harvesting passwords and payment information to displaying pop-up ads or delivering malware.” Tags: domain […]
Cyber News
In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data breaches are skyrocketing, organizations are coming face-to-face with a harsh reality: traditional […]
Cyber News
Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. “Attackers are exploiting this misconfiguration to deliver a malicious Docker container, built from an image named ‘oracleiv_latest’ and containing Python malware compiled as an ELF executable,” […]
Cyber News