2024-12-13
Eclypsium
BTS #43 - CVE Turns 25
SentinelOne
AWS re:Invent 2024 Highlights | Empowering Customers Through Innovations & Security in Cloud
Offensive Security
Red Team vs Blue Team in Cybersecurity
Offensive Security
Building a Future-Ready Cybersecurity Workforce: The OffSec Approach to Talent Development
Schneier on Security
Friday Squid Blogging: Biology and Ecology of the Colossal Squid
Schneier on Security
Ultralytics Supply-Chain Attack
Bishop Fox Security
Current State of SonicWall Exposure: Firmware Decryption Unlocks New Insights
Amazon Security
Generative AI adoption and compliance: Simplifying the path forward with AWS Audit Manager
Dark Reading
Generative AI Security Tools Go Open Source
HackerOne
Azure Cloud Configuration Review
Ars Technica Security
Yearlong supply-chain attack targeting security pros steals 390K credentials
2024-12-12
Hunt and Hackett
Data Retention Challenges Under NIS2: How Hunt & Hackett’s MDR service enables root cause analysis without additional costs
Malwarebytes
Update now! Apple releases new security patches for vulnerabilities in iPhones, Macs, and more
Bishop Fox Security
Our Favorite Pen Testing Tools: 2024 Edition
Amazon Security
Introducing the AWS Network Firewall CloudWatch Dashboard
Dark Reading
Europol Cracks Down on Holiday DDoS Attacks
Talos Intelligence
The evolution and abuse of proxy networks
Ars Technica Security
Critical WordPress plugin vulnerability under active exploit threatens thousands
Palo Alto Networks
Security Operations in 2025 and Beyond
Palo Alto Networks
8 Trends Reshaping Network Security in 2025
Meta Security
How to build a mixed reality headset
Zero Day Initiative
SolarWinds Access Rights Manager: One Vulnerability to LPE Them All
2024-12-11
GitHub Security Blog
CodeQL zero to hero part 4: Gradio framework case study
Trail of Bits
Auditing the Ruby ecosystem’s central package repository
Schneier on Security
Jailbreaking LLM-Controlled Robots
Google Safety & Security
New features in Android to help you stay safe from unwanted Bluetooth tracking
Krebs on Security
How Cryptocurrency Turns to Cash in Russian Banks
Krebs on Security
Patch Tuesday, December 2024 Edition
Amazon Security
Securing the future: building a culture of security
Dark Reading
Researchers Crack Microsoft Azure MFA in an Hour
Dark Reading
Cybersecurity Lessons From 3 Public Breaches
Dark Reading
Tips for Preventing Breaches in 2025
The Citizen Lab
Legal barriers to justice: John Scott-Railton on the legal challenges faced by spyware victims
Ars Technica Security
Russia takes unusual route to hack Starlink-connected devices in Ukraine
Palo Alto Networks
Cortex XDR Delivers Unmatched 100% Detection in MITRE Evals 2024
2024-12-10
Eclypsium
Living Off the Land - Secure Boot Style
SpiderLabs
When User Input Lines Are Blurred: Indirect Prompt Injection Attack Vulnerabilities in AI LLMs
Cloudflare
Robotcop: enforcing your robots.txt policies and stopping bots before they reach your website
Schneier on Security
Full-Face Masks to Frustrate Identification
Amazon Security
Introducing an enhanced version of the AWS Secrets Manager transform: AWS::SecretsManager-2024-09-16
Amazon Security
AWS-LC FIPS 3.0: First cryptographic library to include ML-KEM in FIPS 140-3 validation
Dark Reading
Snowflake Rolls Out Mandatory MFA Plan
Dark Reading
FCC Proposes New Cybersecurity Rules for Telecoms
Dark Reading
Scottish Parliament TV at Risk From Deepfakes
The Citizen Lab
The Citizen Lab’s submission to the Senate Standing Committee on National Security, Defence and Veterans Affairs
Google Security Blog
Google Cloud expands vulnerability detection for Artifact Registry using OSV
Ars Technica Security
AMD’s trusted execution environment blown wide open by new BadRAM attack
Palo Alto Networks
Axios and Unit 42’s Sam Rubin Discuss Disruptive Cyberattacks
Meta Security
Inside Facebook’s video delivery system
Zero Day Initiative
The December 2024 Security Update Review
2024-12-09
Malwarebytes
A week in security (December 2 – December 8)
Cloudflare
Cloudflare 2024 Year in Review
Datadog HQ
Highlights from AWS re:Invent 2024
Schneier on Security
Trust Issues in AI
Bishop Fox Security
Bishop Fox ASM Delivers 24-Hour Head Start Against Critical PAN-OS Vulnerability
Dark Reading
Millionaire Airbnb Phishing Ring Busted Up by Police
Dark Reading
Google Launches Open Source Patch Validation Tool
HackerOne
New Guidance for Federal AI Procurement Embraces Red Teaming and Other HackerOne Suggestions
Talos Intelligence
MC LR Router and GoCast unpatched vulnerabilities
Snyk
Snyk-generated SBOMs now include license details for the open source libraries in your projects