SaaS Apps Present an Abbreviated Kill Chain for Attackers – Dark Reading
Black Hat presentation reveals adversaries don’t need to complete all seven stages of a traditional kill chain to achieve their objectives. – Read More
2024
Dutch judge causes storm by using ChatGPT in judgment research – Legal IT Insider
Dutch tech publication Tweakers has kicked off a legal debate after revealing that a Dutch lower court judge has used ChatGPT as a source of information for the ruling. Tweakers…
Critical AWS Vulnerabilities Allow S3 Attack Bonanza – Dark Reading
Researchers at Aqua Security discovered the “Shadow Resource” attack vector and the “Bucket Monopoly” problem, where threat actors can guess the name of S3 buckets based on their public account…
Back to the future: Windows Update is now a trojan horse for hackers – CSO Online
A recent discovery has revealed a serious flaw in Microsoft’s Windows Update. Instead of protecting computers, it can be tricked into installing older, vulnerable operating system versions. This allows hackers…
Musk’s X under scrutiny in Europe for data privacy practices – CSO Online
Elon Musk’s X platform faces legal action in Ireland, with the Data Protection Commission (DPC) filing High Court proceedings over concerns related to the handling of European users’ personal data.…
Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework – The Hacker News
The last few years have seen more than a few new categories of security solutions arise in hopes of stemming a never-ending tidal wave of risks. One of these categories…
Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities – The Hacker News
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions…
New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links – The Hacker News
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed…
Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024 – The Hacker News
The Immersive Experience Happening This September in Las Vegas!In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but…
Civil unrest could lead to suspension of bar exams in Bangladesh – Legal Cheek
UK regulator ‘closely monitoring’ situation The UK bar regulator is “closely monitoring” the situation in Bangladesh, where civil unrest is jeopardising the ability of aspiring barristers to sit their exams.…
SRA warns students sharing SQE content risks automatic fail and no resit option – Legal Cheek
Potentially career ending The regulator has reminded students not to share information about the content of assessment questions on the Solicitors Qualifying Exam (SQE), warning that those who do risk…
The deadline for the July/August Orange Rag is TODAY, 8 August! – Legal IT Insider
As per earlier social media messages, all content for the July/August Orange Rag needs to be with us by close of play today (8 August) if you want it to…
FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million – The Hacker News
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual ransom demand hitting $60 million. That’s according to an updated…
EU’s DORA regulation explained: New risk management requirements for financial firms – CSO Online
What is the Digital Operational Resilience Act (DORA)? The Digital Operational Resilience Act (DORA) is designed to “consolidate and upgrade ICT risk requirements” across the financial entities to ensure all…
Critical Security Flaw in WhatsUp Gold Under Active Attack – Patch Now – The Hacker News
A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest. The vulnerability in question is…