Collaborate Disseminate
In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. The Apple proposal will likely go up for a vote among Certification Authority… Continue reading Apple’s 45-day certificate proposal: A call to action
Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isola… Continue reading Am I Isolated: Open-source container security benchmark
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation… Continue reading CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
AI-enhanced malicious attacks are the top emerging risk for enterprises in the third quarter of 2024, according to Gartner. Key emerging risks for enterprises It’s the third consecutive quarter with these attacks being the top of emerging risk. IT vend… Continue reading Why AI-enhanced threats and legal uncertainty are top of mind for risk executives
Here’s a look at the most interesting products from the past week, featuring releases from Atakama, Authlete, Symbiotic Security, and Zywave. Atakama introduces DNS filtering designed for MSPs Atakama announced the latest expansion of its Managed Brows… Continue reading New infosec products of the week: November 8, 2024
An anonymous reader quotes a report from Variety: A “Mass Effect” TV series is officially in development at Amazon MGM Studios, Variety has learned exclusively. Daniel Casey is set to write and executive produce the adaptation. Karim Zreik will executi… Continue reading ‘Mass Effect’ TV Series Is In the Works At Amazon
Although generative AI and large language models have been pushed as direct replacements for certain kinds of workers, plenty of businesses actually doing this have found that using this new …read more Continue reading Using AI To Help With Assembly
‘Multiple’ malware samples likely targeting education orgs Criminals are using game-related applications to infect Windows systems with a malicious software framework called Winos4.0 that gives the attackers full control over compromised machines.… Continue reading Winos4.0 abuses gaming apps to infect, control Windows machines
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Continue reading ISC Stormcast For Friday, November 8th, 2024 https://isc.sans.edu/podcastdetail/9214, (Fri, Nov 8th)
Max will begin a gradual password-sharing crackdown with “soft messaging” over the next few months, with a potential price increase to follow. The Verge reports: During Warner Bros. Discovery’s Q3 earnings call on Thursday, chief financial officer Gunn… Continue reading Max Is Getting Ready For Its Own Password-Sharing Crackdown