Vulnerabilities

Killing Filecoin nodes

Killing Filecoin nodes

| | blockchain, Vulnerability Disclosure
By Simone Monica In January, we identified and reported a vulnerability in the Lotus and Venus clients of the Filecoin network that allowed an attacker to remotely crash a node and trigger ...
Trail of Bits Blog

Patch Tuesday Update – November 2024

| | cyber threat, Fortra VM, Vulnerability Management, Vulnerability Research
The post Patch Tuesday Update - November 2024 appeared first on Digital Defense ...
Digital Defense
Fake IP checker utilities on npm are crypto stealers

Fake IP checker utilities on npm are crypto stealers

| | application vulnerabilities, malicious code npm, Malware Analysis
Recently identified npm packages called "node-request-ip", "request-ip-check" and "request-ip-validator" impersonate handy open source utilities relied upon by developers to retrieve an external IP address but instead target Windows, Linux and macOS users ...
2024 Sonatype Blog

Four New Balbix Capabilities You’ll Love!

| | Cybersecurity AI Assistant, Cybersecurity Risk Management, Vulnerability Management
Organizations today face a surge of vulnerabilities and exposures. With data on assets and exposures scattered across platforms, complexity hinders timely action. Security teams are left to manually sift through fragmented data ...
Blog – Balbix
Google Big Sleep AI LLM security vulnerability

Google Uses Its Big Sleep AI Agent to Find SQLite Security Flaw

| | AI Cybersecurity, DeepMind, generative AI, google, software vulnerability
Google researchers behind the vendor's Big Sleep project used the LLM-based AI agent to detect a security flaw in SQLite, illustrating the value the emerging technology can have in discovering vulnerabilities that ...
Security Boulevard

AIs Discovering Vulnerabilities

| | Artificial Intelligence, Uncategorized, zero-day
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in ...
Schneier on Security
attacks, cyberthreats, cyber training, AI cybersecurity executive order national security

How Cybersecurity Training Must Adapt to a New Era of Threats

| | attacks, Cybersecurity, Investment, threats, training
We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever ...
Security Boulevard

IoT Security Failures Can Be Sh*tty

| | Blog, cyber, iot, remediation, sewage, Vulnerabilities
It’s hard not to see IoT security failures in the news because they can be dramatic, and this week was no different.  The Register reported that in Moscow a skyscraper-high plume of ...
Viakoo, Inc
Canadian “mounties” marching down the street

Ô! China Hacks Canada too, Says CCCS

| | canada, Canadian Centre for Cyber Security, Canadian Government, china, china espionage, China-linked Hackers, China-nexus cyber attacks, China-nexus cyber espionage, Chinese, Chinese Communists, Chinese cyber espionage, chinese government, chinese hacker, Chinese hackers, Chinese Hacking Groups, Chinese Intelligence, Chinese state-sponsored cyberattacks, National Cyber Threat Assessment, Peoples Republic of China, SB Blogwatch
Plus brillants exploits: Canadian Centre for Cyber Security fingers Chinese state sponsored hackers ...
Security Boulevard
Top CVEs & Vulnerabilities of October 2024

Top CVEs & Vulnerabilities of October 2024

| | CVE, Top CVE Vulnerabilties, Top Vulnerabilities, vulnerability intelligence, Vulnerability Management
October has brought some serious vulnerabilities to the forefront, capturing the attention of cybersecurity teams across industries. If you’re managing IT security or staying alert to cyber threats, knowing which... The post ...
Strobes Security
Load more