FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ Troy Hunt

Welcoming the Liechtenstein Government to Have I Been Pwned

By Troy Hunt β€” March 12th 2024 at 07:17
Welcoming the Liechtenstein Government to Have I Been Pwned

Over the last 6 years, we've been very happy to welcome dozens of national governments to have unhindered access to their domains in Have I Been Pwned, free from cost and manual verification barriers. Today, we're happy to welcome Liechtenstein's National Cyber Security Unit who now have full access to their government domains.

We provide this support to governments to help those tasked with protecting their national interests understand more about the threats posed by data breaches, and we look forward to welcoming many more national infosec teams in the future.

☐ β˜† βœ‡ Troy Hunt

Welcoming the German Government to Have I Been Pwned

By Troy Hunt β€” March 7th 2024 at 07:51
Welcoming the German Government to Have I Been Pwned

Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERTBund department. This access now provides them with complete access to the exposure of their government domains in data breaches.

With the unabated flood of data breaches, we're happy to provide this support to governments in the hope it better enables them to protect their national interests and we look forward to welcoming many more national CERTs in the future.

☐ β˜† βœ‡ The Hacker News

Rhysida Ransomware Cracked, Free Decryption Tool Released

By Newsroom β€” February 12th 2024 at 13:12
Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). "Through a comprehensive analysis of Rhysida Ransomware, we identified an
☐ β˜† βœ‡ The Hacker News

Critical Boot Loader Vulnerability in Shim Impacts Nearly All Linux Distros

By Newsroom β€” February 7th 2024 at 13:33
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of the Microsoft Security Response Center (MSRC) has been&
☐ β˜† βœ‡ The Hacker News

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

By Newsroom β€” January 31st 2024 at 05:44
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246 (CVSS score: 7.8), the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() function, which is used by syslog() and vsyslog() for system logging purposes. It's said to have
☐ β˜† βœ‡ WIRED

Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback

By Vas Panagiotopoulos β€” January 24th 2024 at 12:00
NSO Group, creator of the infamous Pegasus spyware, is spending millions on lobbying in Washington while taking advantage of the crisis in Gaza to paint itself as essential for global security.
☐ β˜† βœ‡ The Hacker News

What is Nudge Security and How Does it Work?

By The Hacker News β€” January 24th 2024 at 11:24
In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance. Nudge Security is the world’s first and only solution to address
☐ β˜† βœ‡ The Hacker News

5 Ways to Reduce SaaS Security Risks

By The Hacker News β€” January 3rd 2024 at 10:46
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
❌