Recent Security News
-
New DLL Search Order Hijacking Technique Targets WinSxS folder
January 2, 2024 at 10:36AM Security Joes discovered a new DLL search order hijacking technique allowing adversaries to execute malicious code in Windows’ WinSxS folder. The technique abuses applications’ search order, leading to the loading of a malicious DLL before the legitimate library. Attackers can inject unauthorized code into trusted processes, effectively bypassing security tools.…
-
The law enforcement operations targeting cybercrime in 2023
January 2, 2024 at 10:10AM In 2023, law enforcement conducted numerous successful operations targeting cybercrime, including infiltrating ransomware gangs, dismantling encrypted communication platforms, and seizing cryptocurrency accounts and illegal marketplaces worldwide. These efforts resulted in the arrest of thousands of suspects and over $1 billion in seized assets, with a focus on disrupting a wide…
-
The biggest cybersecurity and cyberattack stories of 2023
January 2, 2024 at 10:10AM In 2023, cybersecurity saw numerous significant events, including 23andMe suffering a data breach impacting 6.9 million users, major ransomware attacks on Danish hosting providers and DISH Network, and government-sponsored advanced attacks on iOS devices. Notably, GoDaddy’s multi-year breach and widespread data theft using a zero-day vulnerability in MOVEit Transfer were…
-
Startups Scramble to Build Immediate AI Security
January 2, 2024 at 10:07AM In early 2003, the emergence of artificial intelligence (AI) security became imminent with the introduction of ChatGPT, impacting startups focusing on machine learning security operations, AppSec remediation, and privacy enhancement through homomorphic encryption. Today’s AI faces significant vulnerability challenges, particularly concerning the security of foundational models. Startups are debating various…
-
10 Years After Yahoo Breach, What’s Changed? (Not Much)
January 2, 2024 at 09:02AM Yahoo experienced the biggest data breaches in history, yet experts caution that after a decade, we have not heeded the lessons from these incidents. Based on the meeting notes, it seems that the discussion highlighted the significant data breaches experienced by Yahoo customers, which were considered some of the largest…