New open-source project takeover attacks spotted, stymied
The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils package by someone who called themselves “Jia Tan”. This malicious.....»»
Tracecat: Open-source SOAR
Tracecat is an open-source automation platform for security teams. The developers believe security automation should be accessible to everyone, especially understaffed small- to mid-sized teams. Core features, user interfaces, and day-to-day workflow.....»»
UK outlaws awful default passwords on connected devices
The law aims to prevent global-scale botnet attacks. Enlarge (credit: Getty Images) If you build a gadget that connects to the Internet and sell it in the United Kingdom, you can no longer make the default password "pass.....»»
Apple must open iPadOS to sideloading within 6 months, EU says
iPads must comply with the same DMA regulations as the iPhone. Enlarge (credit: Andrew Cunningham) Starting in March with the release of iOS 17.4, iPhones in the European Union have been subject to the EU's Digital Marke.....»»
Too many vehicles, slow reactions and reckless merging: New math model explains how traffic and bacteria move
What do the flow of cars on a highway and the movement of bacteria towards a food source have in common? In both cases, annoying traffic jams can form. Especially for cars, we might want to understand how to avoid them, but perhaps we've never though.....»»
Researchers unveil novel attack methods targeting Intel’s conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use. The multi-university and industry resea.....»»
Okta warns customers about credential stuffing onslaught
Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place. Abuse of proxy networks “In cred.....»»
Meta to face EU probe for not doing enough to stop Russian disinformation
Insufficient moderation of political ads risk undermining electoral process. Enlarge (credit: FT) Brussels is set to open a probe into Meta’s Facebook and Instagram as soon as Monday over concerns the social media gian.....»»
AI is creating a new generation of cyberattacks
Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea. Offensive AI in cyberattacks The research, “Cyber security in the age o.....»»
Prompt Fuzzer: Open-source tool for strengthening GenAI apps
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt Fuzzer features Simulation of over a dozen types of GenAI attacks The tool contextualizes itsel.....»»
Open Source Hardware Certifications For March 2024
Take a look at a few of the Open Source Hardware Association certifications from the month of March The post Open Source Hardware Certifications For March 2024 appeared first on Make: DIY Projects and Ideas for Makers......»»
Microsoft open-sources infamously weird, RAM-hungry MS-DOS 4.00 release
DOS 4.00 was supposed to add multitasking to the OS, but it was not to be. Enlarge / A DOS prompt. Microsoft has open-sourced another bit of computing history this week: The company teamed up with IBM to release the sou.....»»
LSA Whisperer: Open-source tools for interacting with authentication packages
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap.....»»
Net neutrality has been restored
The Federal Communications Commission (FCC) today voted to restore a national standard to ensure the internet is fast, open, and fair. Today’s decision to reclassify broadband service as a Title II telecommunications service allows the FCC to prote.....»»
BlizzCon 2024 is not happening despite Blizzard’s strong 2024 lineup
Blizzard Entertainment confirmed that BlizzCon 2024 is not happening, but it will leave the door open for the event to return in the future......»»
Garry’s Mod is taking down 20 years’ worth of “Nintendo Stuff”
Creator: "They don't want you playing with that stuff... we have to respect that." Enlarge / "5ario" here won't be on the Garry's Mod Steam Workshop for long. (credit: Steam / LmaoSPW) The popular long-running Source-eng.....»»
IBM acquires HashiCorp in multi-billion dollar deal to boost cloud reach
HashiCorp agrees to $6.4 billion takeover deal by IBM as the companies look to take on more of the market......»»
Dropzone AI raises $16.85 million to combat advanced AI attacks
Dropzone AI has raised $16.85 million in Series A funding. Theory Ventures led the round, adding to their cohort of existing investors Decibel Partners, Pioneer Square Ventures, and In-Q-Tel (IQT). Carta CISO Garrett Held, Head of Security at Postman.....»»
BforeAI raises $15 million to stop attacks before they occur
BforeAI has secured $15 million in Series A funding led by SYN Ventures, with renewed participation from early investors Karma Ventures, Karista, Addendum Capital, and a new investment from the Partnership Fund for New York City. BforeAI autonomously.....»»
The guardian angels of the source of the Seine
The river Seine, the centerpiece of the Paris Olympics opening ceremony in July, starts with a few drops of water in a mossy grotto deep in the woods of central France......»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»