Blog

White House to share ransomware data with allies

Creates policy on how governments should respond to attacks.
http://news.poseidon-us.com/Sy8z1F

Google expands bug bounty program to cover AI-related threats

Google has expanded its bug bounty program, aka Vulnerability Rewards Program (VRP), to cover threats that could arise from Google’s generative AI systems. Google’s AI bug bounty program Following the voluntary commitment to the Biden-⁠Harris Administration to develop responsible AI and manage its risks, Google has added AI-related risks to its bug bounty program, which gives recognition and compensation to ethical hackers who successfully find and disclose vulnerabilities in Google’s systems. The company identified common … More → The post Google expands bug bounty program to cover AI-related threats appeared first on Help Net Security.
http://news.poseidon-us.com/Sy7b5p

SA patient health info deleted in third-party app breach

Folder also contained contact details for 12,624 patients.
http://news.poseidon-us.com/Sy6YsB

Transport for NSW experiences network-wide comms outage

Resulted in service delays.
http://news.poseidon-us.com/Sy6Xxz

Westpac ramps up generative AI ambitions

Podcast: Targets 1000 engineering users by year’s end.
http://news.poseidon-us.com/Sy6WqG

Spam or Phishing? Looking for Credentials & Passwords, (Sun, Oct 29th)

We are now at the end of the Cybersecurity Awareness month, it is important to remain digitally safe all year round [1][2][3].
http://news.poseidon-us.com/Sy6Sw5

Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack techniques Game of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory environment for pen testers to practice common attack methods. “Disappearing” implants, followed by first fixes for exploited Cisco IOS XE zero-day Cisco has released the first fixes for the IOS XE zero-day (CVE-2023-20198) exploited by … More → The post Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach appeared first on Help Net Security.
http://news.poseidon-us.com/Sy5jxR

Novel device promotes efficient, real-time and secure wireless access

Researchers have created new technology for more accessible, real-time wireless connectivity.
http://news.poseidon-us.com/Sy4Cm7

Certain online games use dark designs to collect player data

The privacy policies and practices of online games contain dark design patterns which could be deceptive, misleading, or coercive to users, according to a new study.
http://news.poseidon-us.com/Sy4Cl6

Size Matters for Many Security Controls, (Sat, Oct 28th)

This week, I'm teaching FOR610 in Manchester, and while my students are busy resolving some challenges, I'm looking at my hunting results from the previous days. I found an interesting sample. The file was delivered via an email with a URL pointing to a well-known file-sharing service: hxxps://www[.]Mediafire[.]com/file/o3m15ydxnhlm9w0/New+Purchase+Order+pdf.tgz/file. The file is not available anymore, but I was able to find it back on VirusTotal: “New Purchase Order pdf.tgz” (SHA256:7f351b32e6209496ef59c511dffaf9312508b53e476b1e77171af3d433b94087[1]) with a low score of 3/54.
http://news.poseidon-us.com/Sy4C4z