Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

Russia-Linked Hackers Attack Japan's Govt, Ports

Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.

DARKReading
Open in Source
#vulnerability#mac#ddos#dos#intel#backdoor#botnet#auth
Secure design principles in the age of artificial intelligence

At Red Hat, we are committed to delivering trustworthy and robust products through a comprehensive security approach that encompasses many Secure Development Lifecycle (SDLC) activities. Our approach is grounded in the foundational principles of secure system design, which were first articulated 50 years ago in 1974 by Jerome Saltzer and Michael Schroeder in their seminal work: The Protection of Information in Computer Systems.Try Red Hat Enterprise Linux AIThese principles, along with more recent advancements, such as those outlined in the CISA Secure by Design and SafeCode Fundamental Prac

Confidential Containers with IBM Secure Execution for Linux

Red Hat OpenShift sandboxed containers, built on Kata Containers, now provide the additional capability to run Confidential Containers (CoCo). Confidential Containers are containers deployed within an isolated hardware enclave protecting data and code from privileged users such as cloud or cluster administrators. The CNCF Confidential Containers project is the foundation for the OpenShift CoCo solution. You can read more about the CNCF CoCo project in this article.As part of OpenShift sandboxed containers release version 1.7.0 the support for Confidential Containers on IBM Z and LinuxONE using

ABB Cylon Aspect 3.08.01 (persistenceManagerAjax.php) Remote Code Execution

The ABB BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'directory' HTTP POST parameter called by the persistenceManagerAjax.php script.

Unmanaged Cloud Credentials Pose Risk to Half of Orgs

These types of "long-lived" credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.

Cisco Disables DevHub Access After Security Breach

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

Internet Archive Gets Pummeled in Round 2 Breach

This latest breach was through Zendesk, a customer service platform that the organization uses.

Akira ransomware continues to evolve

As the Akira ransomware group continues to evolve its operations, Talos has the latest research on the group's attack chain, targeted verticals, and potential future TTPs.

Hacker Advertises “Top Secret US Space Force (USSF) Military Technology Archive”

A hacker known as “TAINTU” is advertising a “Top Secret U.S. Space Force Military Technology Archive” for sale,…

Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'

The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.