Tool of First Resort: Israel-Hamas War in Cyber
An analysis of cyber operations in the Israel-Hamas War.
Aggregator
We’ve hired Ash Devata as CEO at GreyNoise, and I get my dream job.
9 months 1 week ago
See why Andrew Morris, GreyNoise's founder, is thrilled to step into his dream role as Chief Architect, focusing on technical innovation and AI strategy. With Ash Devata joining as CEO, Andrew is excited to partner with someone known for their customer focus and industry expertise, ensuring GreyNoise continues to thrive in the ever-evolving landscape of cybersecurity.
Trend Micro Discovers Actively Exploited Vulnerability Affecting Millions of Users: Customers Already Protected
9 months 1 week ago
Scaling security with AI: from detection to solution
9 months 1 week ago
Kimberly Samra
CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover
9 months 1 week ago
The post CVE-2024-23724:
Ghost CMS Stored XSS Leading to Owner Takeover appeared first on Rhino Security Labs.
Tyler Ramsbey
AI and cyber security: what you need to know
9 months 1 week ago
Understanding the risks - and benefits - of using AI tools.
Decrypted: Rhysida Ransomware
9 months 2 weeks ago
The team at Avast has developed a decryptor for the Rhysida ransomware and released it for public download. The Rhysida ransomware has been active since May 2023. As of Feb 2024, their TOR site lists 78 attacked companies, including IT (Information Technology) sector, healthcare, universities, and government organizations.
The post Decrypted: Rhysida Ransomware appeared first on Avast Threat Labs.
Threat Research Team
Deepfakes in the global election year of 2024: A weapon of mass deception?
9 months 2 weeks ago
As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern
Vulnerability assessments vs. penetration testing
9 months 2 weeks ago
Penetration tests are a detailed hands-on exploration of an organization’s weaknesses while vulnerability assessments quickly identify risks without going deeper. Here’s why you need both.
Unleashing the power of cloud with containerisation
9 months 2 weeks ago
New NCSC guidance describes how organisations can make the most of containerisation.
QR Codes - what's the real risk?
9 months 2 weeks ago
How safe is it to scan that QR code in the pub? Or in that email?
Phishing attacks: defending your organisation
9 months 2 weeks ago
How to defend your organisation from email phishing attacks.
Reducing data exfiltration by malicious insiders
9 months 2 weeks ago
Advice and recommendations for mitigating this type of insider behaviour.
Say Goodbye to Monolithic EdgeWorkers: Introducing Flexible Composition (Part 2)
9 months 2 weeks ago
Evan Hughes & AJ Johnson
国内开发者的网络超时日常
9 months 2 weeks ago
Life find its way.
三仙归洞
9 months 2 weeks ago
仙人把碗扣下,问里面有几颗豆子。然后,仙人就不见了,只剩下那只碗。一开始大家不信他是仙人,以为就是个变戏法的。
Video: ASCII Smuggling and Hidden Prompt Instructions
9 months 2 weeks ago
A couple of weeks ago hidden prompt injections were discovered and we covered it at the time.
This video explains it in more detail, and also highlights implications beyond hiding instructions, including what I call ASCII Smuggling. This is the usage of Unicode Tags Block characters to both craft and deciper hidden messages in plain sight.
Using Unicode encoding to bypass security features or execute code (XSS, SSRF,.
SigmaHQ Rules Release Highlights — r2024–02–12
9 months 2 weeks ago
Nasreddine Bencherchali
甲辰随笔:关于策略性思考
9 months 2 weeks ago
新的一年希望自己能多读书,也会把自己的一些感触记录在这里。想到哪写到哪,不成体系,仅为记录。
Data Matters ? Is Your API Security Data Rich or Data Poor?
9 months 2 weeks ago
Taking a data-rich approach to security is the most effective way to stay a step ahead of today?s quickly evolving API threats.
Abigail Ojeda