Microsoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure.
KnowBe4, a Tampa Bay, FL-based provider of security awareness training and simulated phishing platform, is to acquire Egress Software Technologies, a London, UK-based company that specializes in adaptive and integrated cloud email security.
Of the 4.79 million imageless Docker Hub repositories uncovered, 3.2 million of them are said to have been used as landing pages to redirect unsuspecting users to fraudulent sites as part of three broad campaigns.
Prompt Fuzzer is interactive and user-friendly, allowing users to repeat the process as many times as needed to harden their system prompts and see their security score increase as the prompt becomes more resilient.
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.
The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy.
Discovered by Infoblox, the threat activity does not have a clear goal or motivation but demonstrates sophistication and advanced capabilities to manipulate global DNS systems.
The FCC has fined four major U.S. wireless carriers – AT&T, Sprint, T-Mobile, and Verizon – a total of nearly $200 million for unlawfully selling access to their customers’ real-time location data without consent.
Additionally, the tech giant reports that it identified and blocked 333,000 Google Play accounts that uploaded malware, fraudulent apps, or engaged in repeated grave policy violations.
Researchers found a novel infection chain associated with the DarkGate malware, which is a Remote Access Trojan (RAT) developed using Borland Delphi and marketed as a Malware-as-a-Service (MaaS) offering on a Russian-language cybercrime forum.