Tag: proactive security
-
The Register: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns
Source URL: https://www.theregister.com/2025/02/13/fbi_cisa_unforgivable_buffer_overflow/ Source: The Register Title: The Feds want developers to stop coding ‘unforgivable’ buffer overflow vulns Feedly Summary: FBI, CISA harrumph at Microsoft and VMware in call for coders to quit baking avoidable defects into stuff US authorities have labelled buffer overflow vulnerabilities “unforgivable defects”, pointed to the presence of the holes in…
-
Microsoft Security Blog: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation
Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/12/the-badpilot-campaign-seashell-blizzard-subgroup-conducts-multiyear-global-access-operation/ Source: Microsoft Security Blog Title: The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation Feedly Summary: Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelligence as the “BadPilot campaign”.…
-
The Register: February’s Patch Tuesday sees Microsoft offer just 63 fixes
Source URL: https://www.theregister.com/2025/02/12/patch_tuesday_february_2025/ Source: The Register Title: February’s Patch Tuesday sees Microsoft offer just 63 fixes Feedly Summary: Don’t relax just yet: Redmond has made some certificate-handling changes that could trip unprepared admins Patch Tuesday Microsoft’s February patch collection is mercifully smaller than January’s mega-dump. But don’t get too relaxed – some deserve close attention,…
-
Slashdot: Google Chrome May Soon Use ‘AI’ To Replace Compromised Passwords
Source URL: https://it.slashdot.org/story/25/02/11/1952248/google-chrome-may-soon-use-ai-to-replace-compromised-passwords?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google Chrome May Soon Use ‘AI’ To Replace Compromised Passwords Feedly Summary: AI Summary and Description: Yes Summary: Google’s Chrome browser is set to enhance security by introducing an AI-driven feature that detects compromised passwords and automatically generates stronger replacements. This upgrade aims to streamline the process of password…
-
Alerts: CISA Releases Two Industrial Control Systems Advisories
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/11/cisa-releases-two-industrial-control-systems-advisories Source: Alerts Title: CISA Releases Two Industrial Control Systems Advisories Feedly Summary: CISA released two Industrial Control Systems (ICS) advisories on February 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-319-17 2N Access Commander (Update A) ICSA-25-037-04 Trimble Cityworks (Update A) CISA encourages users…
-
Microsoft Security Blog: Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series
Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/10/build-a-stronger-security-strategy-with-proactive-and-reactive-incident-response-cyberattack-series/ Source: Microsoft Security Blog Title: Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series Feedly Summary: Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time. The post Build a stronger security strategy…
-
The Register: US news org still struggling to print papers a week after ‘cybersecurity event’
Source URL: https://www.theregister.com/2025/02/10/us_newspapers_lee_enterprises_cyberattack/ Source: The Register Title: US news org still struggling to print papers a week after ‘cybersecurity event’ Feedly Summary: Publications across 25 states either producing smaller issues or very delayed ones US newspaper publisher Lee Enterprises is one week into tackling a nondescript “cybersecurity event," saying the related investigation may take "weeks…
-
The Register: Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims
Source URL: https://www.theregister.com/2025/02/07/infected_apps_google_apple_stores/ Source: The Register Title: Apple missed screenshot-snooping malware in code that made it into the App Store, Kaspersky claims Feedly Summary: OCR plugin great for extracting crypto-wallet secrets from galleries Kaspersky eggheads say they’ve spotted the first app containing hidden optical character recognition spyware in Apple’s App Store. Cunningly, the software nasty…