Recently, several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in side channel attacks, leaking of sensitive data to log files, denial of service, or bypass of sandbox restrictions. The affected versions include 21.0.1, 17.0.9, 11.0.21,…
Tag: Security Boulevard
NSFGPT: A Large Model for Security Applications that Attracts Gartner’s Attention
NSFGPT is a large security model tailored for the security industry, based on the Security Large Language Model (SecLLM) as the core technology, and combining NSFOCUS’s 20 years of expertise in network security and 10 years of experience in AI…
Malicious Packages in npm, PyPI Highlight Supply Chain Threat
Software developers are being targeted with malicious packages in npm and PyPI as threat groups launch software supply-chain attacks. The post Malicious Packages in npm, PyPI Highlight Supply Chain Threat appeared first on Security Boulevard. This article has been indexed…
Randall Munroe’s XKCD ‘Light Leap Years’
<a class=” sqs-block-image-link ” href=”https://xkcd.com/2897/” rel=”noopener” target=”_blank”> <img alt=”” height=”389″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/3de48525-30a5-4477-9f43-85847b307da9/light_leap_years.png?format=1000w” width=”288″ /> </a><figcaption class=”image-caption-wrapper”> via the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink The post Randall Munroe’s XKCD ‘Light Leap Years’ appeared first on…
USENIX Security ’23 – Synchronization Storage Channels (S2C): Timer-less Cache Side-Channel Attacks on the Apple M1 via Hardware Synchronization Instructions
Authors/Presenters: Jiyong Yu, Aishani Dutta, Trent Jaeger, David Kohlbrenner, Christopher W. Fletcher Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at…
USENIX Security ’23 – Daniel Katzman, William Kosasih, Chitchanok Chuengsatiansup, Eyal Ronen, Yuval Yarom – The Gates of Time: Improving Cache Attacks with Transient Execution
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel. The post USENIX…
The xSPM Trend: Security Posture Management for Everything
The xSPM trend represents a holistic approach to managing and enhancing the security posture of diverse IT assets. The post The xSPM Trend: Security Posture Management for Everything appeared first on Security Boulevard. This article has been indexed from Security…
LockBit Ransomware Group Returns After Law Enforcement Operation
The LockBit ransomware group is swinging back days after U.S. and UK law enforcement agencies announced they had disrupted the operations of the prolific cybercrime gang, including seizing infrastructure and public-facing websites, grabbing decryption keys, and indicting two alleged members.…
Lost to the Highest Bidder: The Economics of Cybersecurity Staffing
When it comes to cybersecurity talent, supply and demand economics are amplified far beyond what is experienced in other fields. The post Lost to the Highest Bidder: The Economics of Cybersecurity Staffing appeared first on Security Boulevard. This article has…
Report: Cyberattacks Against Software Supply Chains Become More Targeted
Phylum found an increase in the discovery of malicious packages targeting the software supply chains of specific organizations. The post Report: Cyberattacks Against Software Supply Chains Become More Targeted appeared first on Security Boulevard. This article has been indexed from…