Cybersecurity

Juniper Networks flings out emergency patches for perfect 10 router vuln

Get 'em while they're hot A critical vulnerability affecting Juniper Networks routers forced the vendor to issue emergency patches last week, and users are advised to apply them as soon as possible.…

Polyfill.io claims reveal new cracks in supply chain, but how deep do they go?

There will always be bad actors in the system. We can always learn from the drama they create Opinion  Libraries. Hushed temples to the civilizing power of knowledge, or launchpads of global destruction? Yep, another word tech has borrowed and debased. Code libraries are essential for adding just…

CISA director: US is ‘not afraid’ to shout about Big Tech’s security failings

Jen Easterly hopes CSRB's Microsoft report won't impede future private sector collaboration CISA director Jen Easterly says the Cybersecurity Safety Review Board (CSRB) "is not afraid to say when something is amiss" in response to questions about fears around private sector collaboration following the board's scathing Microsoft report.…

Police allege ‘evil twin’ of in-flight Wi-Fi used to steal passenger’s credentials

Fasten your seat belts, secure your tray table, and try not to give away your passwords Australia’s Federal Police (AFP) has charged a man with running a fake Wi-Fi networks on at least one commercial flight and using it to harvest fliers’ credentials for email and social media…

CISA looked at C/C++ projects and found a lot of C/C++ code. Wanna redo any of it in Rust?

So, so many lines of memory-unsafe routines in crucial open source, and unsafe dependencies The US government's Cybersecurity and Infrastructure Security Agency (CISA) has analyzed 172 critical open source projects and found that more than half contain code written in languages like C and C++ that are not…

TeamViewer says Russia broke into its corp IT network

Same APT29 crew that hit Microsoft and SolarWinds. How close were we to a mega backdoor situation? TeamViewer says it was Russian intelligence that broke into its systems this week.…

Unlock the future of security

Join our exclusive webinar on identity security Webinar  In today's rapidly evolving digital landscape, securing identities is more critical than ever.…

Google cuts ties with Entrust in Chrome over trust issues

Move comes weeks after Mozilla blasted certificate authority for failings Google is severing its trust in Entrust after what it describes as a protracted period of failures around compliance and general improvements.…

Microsoft hits snooze again on security certificate renewal

Seeing weird warnings in Microsoft 365 and Office Online? That'll be why Microsoft has expiration issues with its TLS certificates, resulting in unwanted security warnings.…

‘Skeleton Key’ attack unlocks the worst of AI, says Microsoft

Simple jailbreak prompt can bypass safety guardrails on major models Microsoft on Thursday published details about Skeleton Key – a technique that bypasses the guardrails used by makers of AI models to prevent their generative chatbots from creating harmful content.…

Copyright © 2024 Lugapel