Mozilla says Claude Opus 4.6 found 100+ bugs in Firefox in two weeks in January, 14 of them high-severity, more than the bugs typically reported in two months
Mozilla says Claude Opus 4.6 found 100+ bugs in Firefox in two weeks in January, 14 of them high-severity, more than the bugs typically reported in two months
New AI-powered tools are increasingly adept at spotting flaws. Hacking experts worry they will be good at exploiting them, too.
Researchers detail a side channel attack, which requires ~$11K worth of equipment and can be used to clone all YubiKeys running firmware prior to version 5.7
Sophisticated attack breaks security assurances of the most popular FIDO key. — The YubiKey 5, the most widely used hardware token …
A memo from Microsoft Chief People Officer Kathleen Hogan: “everyone at Microsoft” now has “security” as a “Core Priority”, used in performance reviews
“The Security Core Priority is not a check-the-box compliance exercise; it is a way for every employee and manager to commit to … X: Justin Elze / @hackinglz : I have heard securit...
Insurer Parametrix estimates that the global outage sparked by CrowdStrike's faulty update will cost US Fortune 500 companies, excluding Microsoft, $5.4B
Banking and healthcare firms, major airlines expected to suffer most losses, according to insurer Parametrix
TeamViewer warns that its corporate environment was breached on June 26 and attributes the cyberattack to the Russian hacking group APT29, aka Midnight Blizzard
but customer and company data is safe Alex Ivanovs / Stack Diary : TeamViewer confirms Russian spies hacked its corporate network The Hacker News : TeamViewer Detects Security Brea...
Microsoft outlines security principles and goals tied to executive compensation packages, following a scathing US Cyber Safety Review Board report in April 2024
expanding Microsoft's Secure Future Initiative Tom Krazit / Runtime : Microsoft wants to be judged on security Nick Heer / Pixel Envy : Microsoft Says It Is Prioritizing Security A...
Microsoft outlines security principles and goals tied to executive compensation packages, following a scathing US Cyber Safety Review Board report in April 2024
expanding Microsoft's Secure Future Initiative Tom Warren / The Verge : Read Satya Nadella's Microsoft memo on putting security first Tom Krazit / Runtime : Microsoft wants to be j...
How an empty, private AWS S3 bucket had ~100M PUT requests in a day, racking up a $1,300+ bill, due to a popular open-source tool using the same bucket name
Imagine you create an empty, private AWS S3 bucket in a region of your preference. What will your AWS bill be the next morning?
Researchers found an exposed Azure server with Microsoft staff credentials used to access internal systems; Microsoft was told February 6 and fixed on March 5
https://techcrunch.com/... #cybersecurity #microsoft Zack Whittaker / @zackwhittaker@mastodon.social : New, by me: Security researchers found an Azure storage server exposed to th...
Microsoft and OpenAI say hackers, including Russian, North Korean, Iranian, and Chinese-backed groups, are already using LLMs to refine and improve cyberattacks
Microsoft and OpenAI are revealing today that hackers are already using large language models like ChatGPT to refine and improve their existing cyberattacks.
Microsoft announces the Secure Future Initiative, which includes responding faster to vulnerabilities and using AI and automation to improve software security
Named the Secure Future Initiative, the commitment comes after hackers have been constantly exploiting many of its products for attacks on government and private sector entities. …...
Microsoft announces the Secure Future Initiative, which includes responding faster to vulnerabilities and using AI and automation to improve software security
Named the Secure Future Initiative, the commitment comes after hackers have been constantly exploiting many of its products for attacks on government and private sector entities. …...
Cisco plans to acquire cybersecurity company Splunk in cash for $157 per share, a 31% premium on Splunk's September 20 closing price, in a deal valued at ~$28B
https://www.reuters.com/... Chris Merkel / @chrismerkel@infosec.exchange : Scoop: Anonymous has hacked the neuralinks of the leadership teams at Splunk and Cisco. While I can't id...
MGM was likely hacked by Scattered Spider, an English-speaking group that previously used help desk calls to get passwords and planned to hack the slot machines
Person claiming to represent cybercriminals explains techniques used to evade detection by casino resort company
Filing: Caesars confirms the casino operator was hacked via a social engineering attack on an outsourced IT support vendor; sources: Caesars paid a ~$15M ransom
CURRENT REPORT Pursuant to Section 13 or 15(d) of the Securities Exchange Act … Thomas Barrabi / New York Post : Caesars Entertainment paid about $15M to hackers who stole customer...
Microsoft says Chinese hackers who in June breached US government email accounts stole an MSA key from a crash dump after hacking a Microsoft engineer's account
Microsoft says Storm-0558 Chinese hackers stole a signing key used to breach government email accounts from a Windows crash dump …
Amit Yoran, the CEO of cyber risk management company Tenable, says Microsoft partially fixed a critical Azure bug that would let hackers access sensitive data
Cybersecurity veteran Amit Yoran says Microsoft has a culture of toxic obfuscation when it comes to addressing security threats.
Wiz researchers: the compromised MSA signing key could have given Chinese hackers access beyond Outlook.com and Exchange Online; Microsoft disputes the report
Microsoft is disputing a new report that claims hackers may have had access to more parts of victims' systems than previously known … Source: Wiz Blog .
A report says the Microsoft key that Chinese hackers stole could have given them more access than originally assumed; Microsoft disputes the report
Microsoft is disputing a new report that claims hackers may have had access to more parts of victims' systems than previously known in a campaign … Source: Wiz Blog .