Researchers IBM and VU Amsterdam discover major CPU vulnerability
A new CPU vulnerability affects all known computer architectures. The so-called GhostRace exploit makes it possible to steal data from the system memory of PCs with chips from Intel, AMD, Arm and IBM.
VUSec, the Systems & Network Security Group at the Dutch university VU Amsterdam, shares a ... Read more
Expert talks
Cookie stealing kits represent yet another cookie headache
In the never-ending game of whack-a-mole between cybersecurity teams and malicious actors, cookie hijacking is a trending threat. As teams get smarter about using secure passwords and multi-factor authentication, hackers are using cookies to gain unauthorized access to sessions and accounts.
As ... Read more
Malware scanner jeopardizes more than 10,000 WordPress sites
Two critical vulnerabilities in WordPress plugins from miniOrange will never receive a patch. More than 10,000 websites use the Malware Scanner plugin to detect attackers. However, the tool itself is exploitable by malicious actors.
The vulnerability in Malware Scanner was found by WordPress res... Read more
Can the right cybersecurity solution make Verstappen’s Red Bull go faster?
Formula 1 is all about speed. A team's cybersecurity solution must keep up with this. We spoke to Mark Hazelton, Oracle Red Bull Racing's Chief Security Officer, about the importance of cybersecurity within the team and the role Arctic Wolf plays in this regard.
Hazelton has been part of the wo... Read more
Chrome able to block 25 percent more phishing attempts
Google is improving phishing and malware protection for Chrome users. Websites are now monitored in real-time. This was necessary after Google found that malicious websites existed for an average of 10 minutes.
An update to the Safe Browsing feature, launched in 2005, should better protect Chro... Read more
Zscaler steps further into data processing with acquisition of Avalor
The startup Avalor has been around for just two years but is reportedly being acquired by Zscaler for hundreds of millions.
Zscaler is interested in acquiring Avalor because of the startup's Data Fabric for Security. In this environment, data from security and business systems can be integrated ... Read more
‘Increasing number of secrets leak in public GitHub repositories’
The amount of secrets leaked in public GitHub repositories is higher than ever. A report puts the total number of new leaks at 12.8 million by 2023.
12.8 million secrets were not properly shielded in public GitHub repositories in 2023. As a result, sensitive data is visible to everyone. Among t... Read more
BlackBerry: Critical infrastructure most attacked late 2023
Organizations that are part of critical infrastructure face the most cyber attacks in September-December 2023.
That's according to BlackBerry researchers. Attacks mainly targeted the government, financial services, healthcare and communications sectors. In total, these sectors suffered 62% of th... Read more
ChatGPT plugins leak sensitive data
The critical vulnerabilities allowed unauthorized access to third-party accounts and sensitive user data.
This was discovered by researchers at Salt Security. ChatGPT plugins provide interaction capabilities with third-party services. They perform tasks for users on platforms such as GitHub, Goo... Read more
Four-year sentence for hacker of LockBit ransomware group
A cybercriminal has been sentenced to four years in prison. The man deployed LockBit ransomware software and was involved in the activities of the ransomware group.
A key member of the LockBit ransomware group has been sentenced to four years in prison, Canadian broadcaster CTV News reports. A ... Read more