June 28, 2024
CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust?
So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies The US government's Cybersecurity and Infrastructure Security Agency (CISA) has analyzed 172 critical open source projects and found that more than half contain code written in languages like C and C++ that are not…
TeamViewer says Russia broke into its corp IT network
Same APT29 crew that hit Microsoft and SolarWinds. How close were we to a mega backdoor situation? TeamViewer says it was Russian intelligence that broke into its systems this week.…
Unlock the future of security
Join our exclusive webinar on identity security Webinar In today's rapidly evolving digital landscape, securing identities is more critical than ever.…
Google cuts ties with Entrust in Chrome over trust issues
Move comes weeks after Mozilla blasted certificate authority for failings Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements.…
Microsoft hits snooze again on security certificate renewal
Seeing weird warnings in Microsoft 365 and Office Online? That'll be why Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.…
‘Skeleton Key’ attack unlocks the worst of AI, says Microsoft
Simple jailbreak prompt can bypass safety guardrails on major models Microsoft on Thursday published details about Skeleton Key – a technique that bypasses the guardrails used by makers of AI models to prevent their generative chatbots from creating harmful content.…
Polyfill.io owner punches back at ‘malicious defamation’ amid domain shutdown
No supply-chain attacks to see over here! After having its website shut down, the polyfill.io owner is fighting back against claims it smuggled suspicious code onto websites all across the internet.…