Aggregator

Tenable disabled two Nessus scanner agent versions after a faulty plugin update caused agents to go offline. Tenable Nessus is a widely-used vulnerability scanning tool designed to identify and assess security vulnerabilities in systems, networks, and applications. Tenable was forced to disable two Nessus scanner agent versions because a faulty plugin update caused agents to […]

爱思唯尔（Elsevier）旗下期刊《人类进化杂志》（Journal of Human Evolution，JHE）的编辑委员会近乎全员辞职。这是 2023 年以来第 20 起集体辞职。最新的事件与 AI 使用相关。出版方在未咨询或通知编辑的情况下，将 AI 投入到稿子的校对流程。然而 AI 加入后不仅没有减轻编辑的工作，反而使工作更加繁重。稿子在经过 AI 校对后，出现了一系列严重的错误，比如文章校样中所有专有名词都没有大写，属和种也没有用斜体突出显示。编辑们的辞职信中写道：“这些错误给该杂志带来了极大的麻烦。为了补救这些问题，我们足足花费了6个月时间。”尽管多次向出版商表达 A I校对的危害性，爱思唯尔的回应却是“编辑无需关注语言、语法、可读性、一致性或术语及格式的准确性”。

New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. [...]

Уникальная сеть CENI меняет правила игры в области искусственного интеллекта.

In just two years, LLMs have become standard for developers — and non-developers — to generate code, but companies still need to improve security processes to reduce software vulnerabilities.

A vulnerability has been found in OpenVPN up to 2.6.10 and classified as problematic. This vulnerability affects unknown code of the component PUSH_REPLY Message Handler. The manipulation leads to improper validation of specified type of input. This vulnerability was named CVE-2024-5594. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

The Indian government has published a draft version of the Digital Personal Data Protection (DPDP) Rules for public consultation. "Data fiduciaries must provide clear and accessible information about how personal data is processed, enabling informed consent," India's Press Information Bureau (PIB) said in a statement released Sunday. "Citizens are empowered with rights to demand data erasure,

在 AT&T、Verizon、 Lumen Technologies 和 T-Mobile 之后，又有三家美国电信公司—— Charter Communications、Consolidated Communications 和 Windstream——据报道被中国黑客组织 Salt Typhoon 入侵。黑客还利用未及时打上补丁的 Fortinet 设备漏洞，入侵了思科的大型网络路由器。中国否认了入侵，指责美国散布虚假信息。对于最新的报道，思科和 Fortinet 拒绝置评。

Akamai volunteers in Costa Rica came together to remove trash from the beach and plant trees ? and they learned how their everyday choices affect the planet.

The post SAQ A-EP: Top 5 Actions Merchants Must Take to comply with PCI DSS 4 Requirements 6.4.3 and 11.6.1 by March 31, 2025 appeared first on Feroot Security.

The post SAQ A-EP: Top 5 Actions Merchants Must Take to comply with PCI DSS 4 Requirements 6.4.3 and 11.6.1 by March 31, 2025 appeared first on Security Boulevard.

As we begin 2025, artificial intelligence (AI) continues to be both a game-changer and a point of contention in the software industry.

The post 2025 predictions: Artificial intelligence (AI) appeared first on Security Boulevard.

The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram

China is continuing to target U.S. entities in its efforts regarding Taiwan, including using state-sponsored Flax Typhoon to compromise Guam infrastructure. U.S. are pushing back, with the Treasury Department sanctioning a Chinse cybersecurity firm accused of aiding in some of the attacks.

The post China’s Salt Typhoon Attacks Guam entity; US Sanctions Chinese Company appeared first on Security Boulevard.

Microsoft Bing is displaying what is being categorized as a misleading Google-esque search page when users search for Google, making it look you are on the competing search engine. [...]

Join us for our first industry webinar of 2025: Beyond the Perimeter: Addressing Blind Spots in Identity Security for 2025.

Our founder Simon Moffatt will be in conversation with Silverfort CEO Hed Kovetz, where they'll be chatting about the rise and need for identity security - what it is, how it works and how to get there.

The post Addressing Blind Spots in Identity Security for 2025 appeared first on The Cyber Hut.

The post Addressing Blind Spots in Identity Security for 2025 appeared first on Security Boulevard.