Sources
SlashDot
- Microsoft Launches Phi-3 Mini, a 3.8B-Parameter Model Rivaling GPT-3.5 Capabilities 30 min 45 sec old
- Google Fires More Employees Over Protest of Cloud Contract With Israel 1 hour 34 min old
- Toyota's Hydrogen Future Is Crumbling As Owners File Lawsuits, Call For Buybacks 2 hours 36 min old
- NASA Officially Greenlights $3.35 Billion Mission To Saturn's Moon Titan 4 hours 47 min old
- Voyager 1 Resumes Sending Updates To Earth 8 hours 22 min old
- California Is Grappling With a Growing Problem: Too Much Solar 11 hours 32 min old
- Pareto's Economic Theories Used To Find the Best Mario Kart 8 Racer 13 hours 40 min old
- Apple Acquires Datakalab, a French Startup Behind AI and Computer Vision Tech 14 hours 41 min old
- Huawei Wants To Take Homegrown HarmonyOS Phone Platform Worldwide 14 hours 41 min old
- Gaming Giant Embracer Group Is Splitting Into Three Companies 15 hours 44 min old
Hacker News
- How Much Is Enough? On the Writerly Balance Between Money and Time 37 min 34 sec old
- Ask HN: Is Apple Going Nuts? 38 min 40 sec old
- Air Canada's Chatbot: Why RAG Is Better Than an LLM for Facts 41 min 16 sec old
- A Bibliography of Books and Articles about Unix and Unix Programming [pdf] 43 min 5 sec old
- Minecraft Java Edition 1.20.5 43 min 34 sec old
- Where Small Is Big – Berlin Is Strong in Quantum Tech 44 min 35 sec old
- Ask HN: How to Make News Aggregation Work in 2024? 45 min old
- Ruby 3.3.1 Released 45 min 17 sec old
- AI's impact on nursing and health care 45 min 28 sec old
- Reverse Engineering a Software Crack 46 min 12 sec old
Malware Bytes Security
- “Substantial proportion” of Americans may have had health and personal data stolen in Change Healthcare breach 1 hour 39 min old
- Picking fights and gaining rights, with Justin Brookman: Lock and Code S05E09 23 hours 58 min old
- Billions of scraped Discord messages up for sale 1 day 4 hours old
- A week in security (April 15 – April 21) 1 day 7 hours old
- Law enforcement reels in phishing-as-a-service whopper 4 days 21 hours old
- Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million 5 days 58 min old
- Cannabis investment scam JuicyFields ends in 9 arrests 5 days 4 hours old
- Should you share your location with your partner? 5 days 19 hours old
- Giant Tiger breach sees 2.8 million records leaked 1 week 2 hours old
- A week in security (April 8 – April 14) 1 week 1 day old
Security Week
- The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success 1 hour 53 min old
- Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations 2 hours 53 min old
- UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack 3 hours 36 min old
- Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability 5 hours 14 min old
- Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor 5 hours 24 min old
- Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services 5 hours 52 min old
- Research Shows How Attackers Can Abuse EDR Security Products 1 day 2 hours old
- Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow 1 day 2 hours old
- CrushFTP Patches Exploited Zero-Day Vulnerability 1 day 3 hours old
- Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability 1 day 3 hours old
CNET Feed
- Save Up to 45% on Bed and Bath Goods During Brooklinen's Anniversary Sale - CNET 2 hours 34 min old
- Sonos Updates App With Universal Streaming Search - CNET 2 hours 44 min old
- Best Mother's Day Gift Cards for 2024 - CNET 2 hours 44 min old
- Game-Changing Products to Help You Stop Snoring - CNET 2 hours 44 min old
- Best Internet Providers in Metairie, Louisiana - CNET 2 hours 44 min old
- Score $40 Free Amazon Credit With This Samsung Galaxy A35 Deal - CNET 3 hours 35 sec old
- Amazon Fresh and Whole Foods Now Have Unlimited Free Grocery Delivery for $10 a Month - CNET 3 hours 2 min old
- This New BNPL Credit Card Offers 10% Back on In-App Purchases. What’s the Catch? - CNET 3 hours 3 min old
- Glued to Your Phone? Here's Why, and How to Fix It - CNET 3 hours 42 min old
- Google Should Push RCS Texting Further Than Just the iPhone - CNET 3 hours 43 min old
ZDNet Security
- How a new law protects your thoughts from tech companies – and why it matters 4 hours 44 min old
- Tinder's 'Share My Date' feature will let you share date plans with friends and family 1 day 43 min old
- Brave search engine adds privacy-focused AI - no Google or Bing needed 4 days 19 hours old
- Android could soon protect you from malicious apps by quarantining them 4 days 23 hours old
- National Guard will use Google's AI for faster disaster response and recovery 5 days 21 hours old
- Criminals want to pay T-Mobile and Verizon staff for SIM swaps. Here's what you need to know 6 days 11 min old
- The Blink Mini 2 is seeing its first ever discount at 25% off 6 days 31 min old
- Gen AI training costs soar yet risks are poorly measured, says Stanford AI report 1 week 8 min old
- The best VPN deals right now 1 week 14 min old
- XZ Utils might not have been the only sabotage target, open-source foundations warn 1 week 19 min old
Computer Weekly Feed
- Enterprise AI: Free, premium or a bolt-on? 4 hours 44 min old
- Post Office boss used husband’s descriptions in Orwellian ploy to downplay Horizon problems 5 hours 59 min old
- Questions for IT and cyber leaders from the CSRB Microsoft report 7 hours 29 min old
- Five reasons why – and when – cloud storage is the answer 9 hours 48 min old
- IT Sustainability Think Tank: Sustainable innovation key to carbon emissions transparency 10 hours 56 min old
- Expert investigating Capture system refuses to meet ‘untrustworthy’ Post Office 11 hours 46 min old
- Lords split over UK government approach to autonomous weapons 12 hours 17 min old
- How data keeps Britain’s trains on track 12 hours 42 min old
- Securing the edge: A new battleground in mobile network security 1 day 3 hours old
- Austrian AI: from academia to commercial success and beyond 1 day 4 hours old
Security Wire Daily News
- Mandiant: Attacker dwell time down, ransomware up in 2023 7 hours 44 min old
- Mitre breached by nation-state threat actor via Ivanti flaws 1 day 2 hours old
- AI, toll fraud and messaging top the list of UC security concerns 1 day 3 hours old
- chief privacy officer (CPO) 1 day 5 hours old
- Explore CASB use cases before you decide to buy 1 day 6 hours old
- 7 steps to create a data loss prevention policy 4 days 3 hours old
- Automated patch management: 9 best practices for success 4 days 3 hours old
- 4 steps CISOs can take to raise trust in their business 4 days 4 hours old
- CISA: Akira ransomware extorted $42M from 250-plus victims 4 days 5 hours old
- Cisco discloses high-severity vulnerability, PoC available 4 days 21 hours old
EFF
- Podcast Episode: Right to Repair Catches the Car 8 hours 37 min old
- U.S. Senate and Biden Administration Shamefully Renew and Expand FISA Section 702, Ushering in a Two Year Expansion of Unconstitutional Mass Surveillance 18 hours 54 min old
- Internet Service Providers Plan to Subvert Net Neutrality. Don’t Let Them 3 days 15 hours old
- EFF, Human Rights Organizations Call for Urgent Action in Case of Alaa Abd El Fattah 3 days 23 hours old
- Congress: Don't Let Anyone Own The Law 4 days 1 hour old
- Two Years Post-Roe: A Better Understanding of Digital Threats 4 days 18 hours old
- Fourth Amendment is Not For Sale Act Passed the House, Now it Should Pass the Senate 4 days 23 hours old
- About Face (Recognition) | EFFector 36.5 5 days 22 hours old
- How Political Campaigns Use Your Data to Target You 6 days 19 hours old
- Speaking Freely: Lynn Hamadallah 6 days 20 hours old
Wired Security
- Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak 11 hours 49 min old
- The Next US President Will Have Troubling New Surveillance Powers 22 hours 44 min old
- North Koreans Secretly Animated Amazon and Max Shows, Researchers Say 1 day 8 hours old
- AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now 3 days 5 hours old
- The Biggest Deepfake Porn Website Is Now Blocked in the UK 3 days 22 hours old
- The Trump Jury Has a Doxing Problem 4 days 20 hours old
- The Real-Time Deepfake Romance Scams Have Arrived 5 days 4 hours old
- Big Tech Squares Off Against US Spies 5 days 21 hours old
- Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities 6 days 5 hours old
- Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse 6 days 20 hours old
KrebsOnSecurity
- Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme 19 hours 36 min old
- Who Stole 3.6M Tax Records from South Carolina? 1 week 4 hours old
- Crickets from Chirp Systems in Smart Lock Key Leak 1 week 1 day old
- Why CISA is Warning CISOs About a Breach at Sisense 1 week 4 days old
- Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers 1 week 6 days old
- April’s Patch Tuesday Brings Record Number of Fixes 1 week 6 days old
- Fake Lawsuit Threat Exposes Privnote Phishing Sites 2 weeks 5 days old
- ‘The Manipulaters’ Improve Phishing, Still Fail at Opsec 2 weeks 6 days old
- Thread Hijacking: Phishes That Prey on Your Curiosity 3 weeks 4 days old
- Recent ‘MFA Bombing’ Attacks Targeting Apple Users 4 weeks 6 min old
Guardian Security
- Change the law on computer evidence with an amendment to data protection bill | Letter 22 hours 19 min old
- Met police failed to act on Commons ‘honeytrap’ sexting reports last year 1 week 4 days old
- William Wragg resigns from two Commons roles after divulging MPs’ phone numbers 2 weeks 17 hours old
- No 10 tells MPs to be cautious about unsolicited messages after attempted ‘honeytrap’ 2 weeks 1 day old
- An MP who gives out colleagues’ numbers to blackmailers. Isn’t William Wragg just right for this Tory party? | Marina Hyde 2 weeks 4 days old
- Senior Tory MP to keep whip during sexting scandal investigation 2 weeks 4 days old
- Senior Tory ‘mortified’ after reportedly passing MPs’ data to dating app contact 2 weeks 4 days old
- Police launch inquiry after MPs targeted in apparent ‘spear-phishing’ attack 2 weeks 4 days old
- Poland launches inquiry into previous government’s spyware use 3 weeks 1 day old
- Power grab: the hidden costs of Ireland’s datacentre boom – podcast 3 weeks 4 days old
Microsoft Malware Protection Center
- Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 23 hours 44 min old
- Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters 5 days 23 hours old
- New Microsoft guidance for the DoD Zero Trust Strategy 6 days 23 hours old
- Microsoft recognized as a Leader in the Forrester Wave™: Workforce Identity Platform, Q1 2024 1 week 23 hours old
- How Microsoft discovers and mitigates evolving attacks against AI guardrails 1 week 4 days old
- Explore Microsoft’s AI innovations at RSA Conference 2024 2 weeks 4 days old
- Get end-to-end protection with Microsoft’s unified security operations platform, now in public preview 2 weeks 5 days old
- Microsoft Priva announces new solutions to help modernize your privacy program 3 weeks 2 hours old
Cloud Security Briefing: News and Advice
- Explore CASB use cases before you decide to buy 1 day 6 hours old
- RSA Conference 2024 focuses on collaboration, resilience 1 week 5 days old
- Cloud database security: Best practices, challenges and threats 1 week 6 days old
- 9 top cloud storage security issues and how to contain them 2 weeks 4 days old
- SASE vs. SD-WAN: What's the difference? 3 weeks 6 hours old
- Cloud computing forensics techniques for evidence acquisition 3 weeks 6 hours old
- Private vs. public cloud security: Benefits and drawbacks 3 weeks 6 days old
US-Cert Current Activity
- Cisco Releases Security Advisories for Cisco Integrated Management Controller 4 days 3 hours old
- CISA and Partners Release Advisory on Akira Ransomware 5 days 3 hours old
- Oracle Releases Critical Patch Update Advisory for April 2024 5 days 3 hours old
- CISA Releases Three Industrial Control Systems Advisories 5 days 3 hours old
- CISA Releases Four Industrial Control Systems Advisories 1 week 3 hours old
- Joint Guidance on Deploying AI Systems Securely 1 week 1 day old
- CISA Adds One Known Exploited Vulnerability to Catalog 1 week 4 days old
- Citrix Releases Security Updates for XenServer and Citrix Hypervisor 1 week 4 days old
- Juniper Releases Security Bulletin for Multiple Juniper Products 1 week 4 days old
- Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400 1 week 4 days old
Google Security Blog
- Prevent Generative AI Data Leaks with Chrome Enterprise DLP 4 days 23 hours old
- How we built the new Find My Device network with user security and privacy in mind 2 weeks 23 hours old
- Google Public DNS’s approach to fight against cache poisoning attacks 3 weeks 4 days old
- Address Sanitizer for Bare-metal Firmware 3 weeks 6 days old
Graham Cluely Security Blog
- Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control 5 days 1 hour old
- 3.5 million Omni Hotel guest details held to ransom by Daixin Team 5 days 1 hour old
- Police smash LabHost international fraud network, 37 arrested 5 days 1 hour old
- Smashing Security podcast #368: Gary Barlow, and a scam turns deadly 5 days 16 hours old
- Zambia arrests 77 people in swoop on “scam” call centre 1 week 1 day old
- East Central University suffers BlackSuit ransomware attack 1 week 4 days old
- DragonForce ransomware – what you need to know 1 week 4 days old
- When a breach goes from 25 documents to 1.3 terabytes… 1 week 5 days old
- Smashing Security podcast #367: WhatsApp at Westminster, unhealthy AI, and Drew Barrymore 1 week 5 days old
- Targus business operations disrupted following cyber attack 1 week 6 days old
InfoWorld
- Java services hit hardest by third-party vulnerabilities, report says 5 days 6 hours old
- Most developers have adopted devops, survey says 6 days 15 hours old
- Better application networking and security with CAKES 1 week 6 hours old
- Rust gets security fix for Windows vulnerability 1 week 3 days old
- Synopsys takes aim at software supply chain risks 1 week 6 days old
- Synopsys aims to mitigate software supply chain risks 1 week 6 days old
- Synopsys takes aim at software supply chain risks 1 week 6 days old
- Parasoft unveils safety testing tool for C and C++ apps 2 weeks 6 hours old
- Eclipse joins with industry groups to secure open source 2 weeks 3 days old
- Rust memory safety explained 2 weeks 6 days old
US-Cert Alerts
- #StopRansomware: Akira Ransomware 5 days 23 hours old
Security Now
- SN 970: GhostRace - AT&T Breach Update, Cookie Notices, Router Buttons 6 days 15 hours old
- SN 969: Minimum Viable Secure Product - Dlink NAS Backdoor, Privnote, Crowdefense 1 week 6 days old
- SN 968: A Cautionary Tale - XZ Outbreak, AT&T Data Breach 2 weeks 6 days old
- SN 967: GoFetch - Apple vs. DOJ, ".INTERNAL" TLD 3 weeks 6 days old
Security Wire Weekly
- Key software patch testing best practices 1 week 1 day old
- Cloud database security: Best practices, challenges and threats 1 week 6 days old
- 10 enterprise patch management best practices 2 weeks 5 days old
- Cybersecurity highlights from KubeCon + CloudNativeCon Europe 3 weeks 6 days old
The Security Ledger
- Episode 257: Securing Software on Wheels with 3 weeks 5 days old