Information

18 Feb

Patch or perish: How organizations can master vulnerability management

Information

Business Security Don’t wait for a costly breach to provide a painful reminder of the importance of timely software patching Phil Muncaster 05 Feb 2025  •  , 5 min. read Vulnerability exploitation has long been a popular tactic for threat actors. But it’s becoming increasingly so – a fact that should alarm every network defender. Observed cases of vulnerability exploitation resulting in data breaches surged three-fold annually in 2023, according to one estimate. And attacks…

Read More
18 Feb

Katharine Hayhoe: The most important climate equation | Starmus highlights

Information

WeLiveScience The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action 17 Feb 2025 Most people acknowledge that climate change is real and human-driven, yet many still struggle to see how it directly affects their lives. To bridge this gap, Dr. Katharine Hayhoe introduces a simple but powerful equation: Science + Worry + Action = Hope As one of the world’s most effective climate communicators, Dr. Hayhoe maintains…

Read More
18 Feb

How Phished Data Turns into Apple & Google Wallets

Information, Insights

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at…

Read More
17 Feb

What is penetration testing? | Unlocked 403 cybersecurity podcast (ep. 10)

Information

Ever wondered what it’s like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security. 12 Feb 2025 What if breaking into computer systems, tricking people into handing over passwords, and even sneaking into buildings was part of your normal daily routine? That is the reality for penetration testers – or, more broadly, ethical hackers – who get paid…

Read More
17 Feb

Neil Lawrence: What makes us unique in the age of AI | Starmus highlights

Information

WeLiveScience As AI advances at a rapid clip, reshaping industries, automating tasks, and redefining what machines can achieve, one question looms large: what remains uniquely human? 10 Feb 2025 In his talk, Neil Lawrence, the Deep Mind Professor of Machine Learning at the University of Cambridge, tackles the aforementioned fundamental question head-on. With a career dedicated to understanding the intersection of technology and human potential, Mr. Lawrence explores how intelligent systems can complement, rather than…

Read More
17 Feb

Gaming or gambling? Lifting the lid on in-game loot boxes

Information

Kids Online The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down 13 Feb 2025  •  , 5 min. read Historically, many video games followed a straightforward economic model: pay once, play forever. These days, however, purchasing a game is often just the beginning. At the same time, modern gaming has increasingly embraced free-to-play ecosystems, where players get access to the base game at no cost,…

Read More
13 Feb

Nearly a Year Later, Mozilla is Still Promoting OneRep

Information, Insights

In mid-March 2024, KrebsOnSecurity revealed that the founder of the personal data removal service Onerep also founded dozens of people-search companies. Shortly after that investigation was published, Mozilla said it would stop bundling Onerep with the Firefox browser and wind down its partnership with the company. But nearly a year later, Mozilla is still promoting it to Firefox users. Mozilla offers Onerep to Firefox users on a subscription basis as part of Mozilla Monitor Plus. Launched…

Read More
11 Feb

Microsoft Patch Tuesday, February 2025 Edition

Information, Insights

Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All supported Windows operating systems will receive an update this month for a buffer overflow vulnerability that carries the catchy name CVE-2025-21418. This patch should be a priority for enterprises, as Microsoft says it is being exploited, has low attack complexity, and no requirements for user interaction.…

Read More
07 Feb

Teen on Musk’s DOGE Team Graduated from ‘The Com’

Information, Insights

Wired reported this week that a 19-year-old working for Elon Musk‘s so-called Department of Government Efficiency (DOGE) was given access to sensitive US government systems even though his past association with cybercrime communities should have precluded him from gaining the necessary security clearances to do so. As today’s story explores, the DOGE teen is a former denizen of ‘The Com,’ an archipelago of Discord and Telegram chat channels that function as a kind of distributed…

Read More
06 Feb

Experts Flag Security, Privacy Risks in DeepSeek AI App

Information, Insights

New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three “free” downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek’s design choices — such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies — introduce a number of glaring security and privacy risks. Public interest in the DeepSeek AI chat apps…

Read More