This week in the security news:
Malware-laced printer drivers
Unicode steganography
Rhode Island may sue Deloitte for breach. They may even win.
Japan's active cyber defense law
Stop with the ping
LLMs replace Stack Overflow - ya don't say?
Aggravated identity theft is aggravating
Ivanti DSM and why you shouldn't use it
EDR is still playing cat a...
This week in the security news:
Android catches up to iOS with its own lockdown mode
Just in case, there is a new CVE foundation
Branch privilege injection attacks
My screen is vulnerable
The return of embedded devices to take over the world - 15 years later
Attackers are going after MagicINFO
Hacking Starlink
Mitel SIP phones can be hacked
Rever...
Ongoing attacks leveraging a pair of critical operating system command injection flaws impacting GeoVision Internet of Things devices, tracked as CVE-2024-6047 and CVE-2024-11120, have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security flaws by May 28, according to Security Affairs.
Security news for this week:
RDP and credentials that are not really revoked, and some RDP bitmap caching fun
Some magic info on MagicINFO
Vulnerability Management Zombies
There is a backdoor in your e-commerce
Airborne: vulnerabilities in AirPlay
Bring your own installer - crafty EDR bypass
The Signal clone used by US government officials: shock...
Attacks aimed at the end-of-life GeoVision IoT devices involved an exploit using the operating system command injection bugs, tracked as CVE-2024-6047 and CVE-2024-11120.
The crosswalk is talking to me man!, don't block my website without due process, Florida is demanding encryption backdoors, attacking boilers and banning HackRF Ones, time to update your flipper zero, using AI to create working exploits, what happens when you combine an RP2350 and an ESP32? Hopefully good hackery things!, more evidence that patchin...
Makers of IoT and embedded devices are about to face stringent regulations around firmware development, documentation and support. Here's why they'll need automation to keep up.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.