IoT

Using such information to contact organizations with internet-accessible programmable logic controllers resulted in a 34% reduction in PLC exposure in just a month, according to researchers, who noted testing the algorithm on Allen Bradley, Omron, and Wago PLCs.

In the news: Pacific Rim, Linux on Windows for attackers, one of the worst cases of a former employee's retaliation, Zery-Day FOMO, we predicted that, hacking for fun, working hard for no PoC, an LLM that discovers software vulnerabilities, absurd fines, long usernames and Okta, and paying a ransom with dough!

Attacks exploiting the authentication weakness within the 'lighthttpd' server, tracked as CVE-2024-8957, and the insufficient input sanitization bug, tracked as CVE-2024-8957, could enable camera hijacking and bot compromise, as well as further infiltration of devices within the same network.

Iranian cyber operation Emennet Pasargad was noted by the FBI, Department of Treasury, and the Israel National Cyber Directorate to have leveraged updated tradecraft, such as IP camera breaches and generative artificial intelligence, in recent attacks, including its compromise of the Summer Olympics.

Google's cookie encryption drama, Microsoft accusing Google of shady antitrust tactics, AI shenanigans, the rejected Defcon talk and hacking traffic lights, vulnerabilities in Realtek SD card readers, the never-ending debate on quantum computing vs. cryptography, backdoors are not secrets and where we are pushing attackers, firmware leakage, more o...

Such elevated prevalence of online devices in the U.S. has been attributed to the highly decentralized nature of its health system, a report from Censys revealed.

Get ready for a wild ride in this week's podcast episode, where we dive into the latest security shenanigans! Default Credentials Gone Wild: We’ll kick things off with a look at how default credential scanners are like that friend who shows up to the party but never brings snacks. They're everywhere, but good luck finding one that actually works!...

China, the U.S., Canada, and Germany were most targeted by attacks with the Mirai source code-based Gorilla botnet, which involved the exploitation of UDP flood, Valve Source Engine flood, ACK BYPASS flood, ACK flood, and SYN flood techniques, as well as an old Apache Hadoop YARN RPC vulnerability, an analysis from NSFOCUS revealed.