New Competition Focuses on Hardening Cryptosystems
The Technology Innovation Institute’s year-long cryptographic challenge invites participants to assess concrete hardness of McEliece public-key encryption scheme.
News & Updates
TikTok Is Testing Exclusive Deals With Musicians—but It’s Definitely Not a Record Label
It’s nearly impossible to discount the role that TikTok has played in the modern music scene, for better or for worse. From artists being forced to churn out TikTok hits to classics from the 60’s getting a breath of fresh air, TikTok isn’t leaving the music industry any time soon. Now, it would appear that the social…
Cybersecurity Tools
Adversary in-the-Middle attack, what is it?
EXECUTIVE SUMMARY: Should you be more concerned about the threats filtering into your employees’ inboxes? Over 3.4 billion phishing emails are delivered every day. While phishing attacks alone can devastate a business, phishing attacks that serve as a gateway for other attack types can be even more damaging and difficult to disrupt. In this article, […]
The post Adversary in-the-Middle attack, what is it? appeared first on CyberTalk.
News & Updates
Malicious Chatbots Target Casinos in Southeast Asia
Dubbed “ChattyGoblin,” the China-backed actors use chatbots to scam Southeast Asian gambling companies.
Robert Rodriguez’s Sci-Fi Movies, Ranked
Though he became famous for his down-and-dirty action movies, Robert Rodriguez is a sci-fi guy. That’s just a fact. A brief look at his filmography shows that the vast majority of the films he’s directed are science fiction films or, in a few cases, more traditional fantasy or horror films.
News & Updates
YouTuber Who Built Tricorder That’s Better Than the Official Ones Explains How it Works
Some people believe that if you want something done right, you need to do it yourself. So that’s exactly what maker Mangy Dog dog did when they built a replica of a Star Trek tricorder that looks straight out of the 24th century. In a recent video, they show off even more of its wildly inventive functionality.
A Ringworm-Causing Superfungus Is Infecting People in New York City
Super-ringworm is on the loose in New York City. In a report this week, doctors and health officials have detailed the first known U.S. cases of the itchy infection caused by a contagious and emerging fungal germ—one highly resistant to many existing drugs. The fungus was first identified in South Asia, but it’s…
A Link Between Genders: Trans Joy and the Legend of Zelda
“It is inevitable all of us will see something of ourselves within Link,” says Keroblin, a Zelda fan who first remembers playing Phantom Hourglass in 2007, and identifies as transmasculine and agender. “We’re an active participant even [when] we can’t make narrative decisions, because we get to decide who Link is. It…
News & Updates
CISA Adds Seven Known Exploited Vulnerabilities to Catalog
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2023-25717 Multiple Ruckus Wireless Products CSRF and RCE Vulnerability
- CVE-2021-3560 Red Hat Polkit Incorrect Authorization Vulnerability
- CVE-2014-0196 Linux Kernel Race Condition Vulnerability
- CVE-2010-3904 Linux Kernel Improper Input Validation Vulnerability
- CVE-2015-5317 Jenkins User Interface (UI) Information Disclosure Vulnerability
- CVE-2016-3427 Oracle Java SE and JRockit Unspecified Vulnerability
- CVE-2016-8735 Apache Tomcat Remote Code Execution Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view other newly added vulnerabilities in the catalog, click on the arrow in the “Date Added to Catalog” column—which will sort by descending dates.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Cybersecurity Tools
Black Basta Ransomware Attacks Global Technology Company ABB
ABB, a leading provider of electrification and automation technology, has been hit by a Black Basta ransomware attack, which has reportedly affected business operations. As part of its services, ABB develops industrial control systems (ICS) and SCADA systems for manufacturers and energy suppliers. The company has approximately 105,000 employees and is expected to generate $29.4 […]
The post Black Basta Ransomware Attacks Global Technology Company ABB appeared first on Heimdal Security Blog.