Tesla Returns as Pwn2Own Hacker Takeover Target
Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to complete vehicle compromise.
read more
Cloud Security
Microsoft Patch Tuesday Fixes 11 Critical Vulnerabilities, One Zero-Day
Microsoft’s first Patch Tuesday of 2023 addresses 98 vulnerabilities, more than twice as many as last month – including one zero-day flaw that’s being actively exploited, as well as 11 critical flaws. The zero-day, CVE-2023-21674, is a Windows Advanced Local Procedure Call (ALPC) elevation of privilege vulnerability with a CVSS score of 8.8. The flaw, […]
The post Microsoft Patch Tuesday Fixes 11 Critical Vulnerabilities, One Zero-Day appeared first on eSecurityPlanet.
Investors Bet Big on Subscription-Based Security Skills Training
Hack The Box, a British startup working on technology to simplify cybersecurity skills training, has banked a $55 million funding round as venture capital investors place big bets on the subscription-based talent assessment space.
read more
Attackers abuse business-critical cloud apps to deliver malware
Over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year, and 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive, according to Netskope. Cloud applications are widely use…
Microsoft Patch Tuesday: 97 Windows Vulns, 1 Exploited Zero-Day
Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s already been exploited to escape the browser sandbox.
read more
Researchers’ Quantum Threat Debunked, RSA Safe for Now
In a paper published late last month, 24 Chinese researchers suggested that RSA-2048 encryption could be broken using a quantum computer with 372 physical quantum bits. Cryptographer Bruce Schneier drew attention to the paper [PDF] last week in a blog post, noting that IBM recently announced a 433-qubit quantum computer, far exceeding the researchers’ stated […]
The post Researchers’ Quantum Threat Debunked, RSA Safe for Now appeared first on eSecurityPlanet.
Intel Adds TDX to Confidential Computing Portfolio With Launch of 4th Gen Xeon Processors
Intel announced on Tuesday that it has added Intel Trust Domain Extensions (TDX) to its confidential computing portfolio with the launch of its new 4th Gen Xeon enterprise processors.
read more
Adobe Plugs Security Holes in Acrobat, Reader Software
Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a range of enterprise-facing products.
The most prominent update, for the widely deployed Adobe Acrobat and Reader s…
Zoom Patches High Risk Flaws on Windows, MacOS Platforms
Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.
The vulnerabilities, in the enterprise-facing Zoom Rooms product, could be exploited in privileg…
How to gain security consciousness through cost
In this Help Net Security video, Karthik Kannan, CEO at Anvilogic, talks about predictions for the cybersecurity world in 2023 and how to gain security consciousness through cost.
The post How to gain security consciousness through cost appeared first …