AWS Plans Multifactor Authentication Mandates for 2024
Amazon will add new MFA requirements for users with the highest privileges, with plans to include other user levels over…
News
Bing Chat LLM Tricked Into Circumventing CAPTCHA Filter
By reframing the narrative of the filter, the large-language model chatbot was more willing to solve the visual puzzle and…
Turnkey Rootkit for Amateur Hackers Makes Supply Chain Attacks Easy
It's never been easier to hide malware in plain sight in open source software package repositories, and "DiscordRAT 2.0" now…
Breaches Are the Cost of Doing Business, but NIST Is Here to Help
Treating the NIST Cybersecurity Framework as a business requirement is a strong step toward preventing breaches.
Patch Confusion for Critical Exim Bug Puts Email Servers at Risk — Again
Defenders have been left scrambling after the way patches were released for six flaws in the open source mail server,…
How to Measure Patching and Remediation Performance
Tracking metrics like MTTR, MTTD, MTTP, and MTTC can demonstrate the effectiveness of your patch management process and your value…
Russian Hacktivism: Flashy Non-Events or Serious Threat?
While it's tempting to dismiss Russian hacktivist DDoSing as all sizzle and no steak, experts warn the cyberattacks can cause…
Name That Edge Toon: Office Artifacts
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift…
USPS Anchors Snowballing Smishing Campaigns
Researchers found 164 domains connected to a single threat actor located in Tehran.
Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far
While CVE-2023-40044 is critical, threat watchers hope it won't be another MOVEit for customers of Progress Software's file transfer technology.