Vulnerabilities

Killing Filecoin nodes

Trail of Bits | November 13, 2024 | blockchain, Vulnerability Disclosure

By Simone Monica In January, we identified and reported a vulnerability in the Lotus and Venus clients of the Filecoin network that allowed an attacker to remotely crash a node and trigger ...

Trail of Bits Blog

Patch Tuesday Update – November 2024

Digital Defense by Fortra | November 12, 2024 | cyber threat, Fortra VM, Vulnerability Management, Vulnerability Research

The post Patch Tuesday Update - November 2024 appeared first on Digital Defense ...

Digital Defense

Fake IP checker utilities on npm are crypto stealers

Ax Sharma | November 12, 2024 | application vulnerabilities, malicious code npm, Malware Analysis

Recently identified npm packages called "node-request-ip", "request-ip-check" and "request-ip-validator" impersonate handy open source utilities relied upon by developers to retrieve an external IP address but instead target Windows, Linux and macOS users ...

2024 Sonatype Blog

Four New Balbix Capabilities You’ll Love!

Martin Johnson | November 11, 2024 | Cybersecurity AI Assistant, Cybersecurity Risk Management, Vulnerability Management

Organizations today face a surge of vulnerabilities and exposures. With data on assets and exposures scattered across platforms, complexity hinders timely action. Security teams are left to manually sift through fragmented data ...

Blog – Balbix

Google Big Sleep AI LLM security vulnerability

Google Uses Its Big Sleep AI Agent to Find SQLite Security Flaw

Jeffrey Burt | November 5, 2024 | AI Cybersecurity, DeepMind, generative AI, google, software vulnerability

Google researchers behind the vendor's Big Sleep project used the LLM-based AI agent to detect a security flaw in SQLite, illustrating the value the emerging technology can have in discovering vulnerabilities that ...

Security Boulevard

AIs Discovering Vulnerabilities

Bruce Schneier | November 5, 2024 | Artificial Intelligence, Uncategorized, zero-day

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in ...

Schneier on Security

attacks, cyberthreats, cyber training, AI cybersecurity executive order national security

How Cybersecurity Training Must Adapt to a New Era of Threats

Matt Lindley | November 5, 2024 | attacks, Cybersecurity, Investment, threats, training

We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever ...

Security Boulevard

IoT Security Failures Can Be Sh*tty

John Gallagher | November 1, 2024 | Blog, cyber, iot, remediation, sewage, Vulnerabilities

It’s hard not to see IoT security failures in the news because they can be dramatic, and this week was no different. The Register reported that in Moscow a skyscraper-high plume of ...

Viakoo, Inc

Canadian “mounties” marching down the street

Ô! China Hacks Canada too, Says CCCS

Plus brillants exploits: Canadian Centre for Cyber Security fingers Chinese state sponsored hackers ...

Security Boulevard

Top CVEs & Vulnerabilities of October 2024

Shubham Jha | November 1, 2024 | CVE, Top CVE Vulnerabilties, Top Vulnerabilities, vulnerability intelligence, Vulnerability Management

October has brought some serious vulnerabilities to the forefront, capturing the attention of cybersecurity teams across industries. If you’re managing IT security or staying alert to cyber threats, knowing which... The post ...

Strobes Security