Fly Catcher: Detect aircraft spoofing by monitoring for malicious signals
Fly Catcher is an open-source device that can detect aircraft spoofing by monitoring for malicious ADS-B signals in the 1090MHz frequency. Angelina Tsuboi, the developer of …
Researchers develop technique to prevent software bugs
A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to …
Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)
For January 2024 Patch Tuesday, Microsoft has released fixes for 49 CVE-numbered vulnerabilities, two of which are critical: CVE-2024-20674 and CVE-2024-20700. None of the …
Attackers could use vulnerabilities in Bosch Rexroth nutrunners to disrupt automotive production
Researchers have discovered over two dozen vulnerabilities in “smart” cordless nutrunners (i.e., pneumatic torque wrenches) manufactured by Bosch Rexroth that …
SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)
A blind SQL injection vulnerability (CVE-2023-51448) in Cacti, a widely-used network monitoring, performance and fault management framework, could lead to information …
“Security researcher” offers to delete data stolen by ransomware attackers
When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as …
If you prepare, a data security incident will not cause an existential crisis
Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an …
Understanding zero-trust design philosophy and principles
In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security …
Securing AI systems against evasion, poisoning, and abuse
Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In …
Accelerate essential cyber hygiene for your small business
Think you’re too small to experience a cyber attack? That’s not the case. In fact, cyber threat actors (CTAs) are increasingly setting their sights on small …
Social engineer reveals effective tricks for real-world intrusions
In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods …
Review: Engineering-grade OT security: A manager’s guide
Andrew Ginter is a widely-read author on industrial security and a trusted advisor for industrial enterprises. He holds a BSc. in Applied Mathematics and an MSc. in Computer …
Featured news
Resources
Don't miss
- Fake macOS help sites push Shamos infostealer via ClickFix technique
- Why a new AI tool could change how we test insider threat defenses
- Why satellite cybersecurity threats matter to everyone
- Kopia: Open-source encrypted backup tool for Windows, macOS, Linux
- Review: Adversarial AI Attacks, Mitigations, and Defense Strategies