Author: James Ortega

Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass

The available options for addressing the flaw are limited, leaving many Macs vulnerable to a “GoFetch” attack that steals keys — even quantum-resistant ones.

Source: Patchless Apple M-Chip Vulnerability Allows Cryptography Bypass


FBI Director Wray talks takedown operations, nation-state hackers, and growing threats in cyberspace

One early Sunday morning in Munich a couple of weeks ago, the Click Here podcast had a rare one-on-one interview with FBI Director Christopher Wray to talk about the growing threat in cyberspace and, more specifically, recent takedown operations against nation-state hackers from both Russia and China. Wray was in Germany for two high-profile gatherings — the Munich Cyber Security Conference and t

Source: FBI Director Wray talks takedown operations, nation-state hackers, and growing threats in cyberspace


After decades of memory-related software bugs, White House calls on industry to act

The Biden administration is continuing to pressure the tech industry to make products that are secure from the outset, issuing a call on Monday for greater use of memory-safe programming languages. The effort by the Office of the National Cyber Director (ONCD) is aimed at cutting down on a class of bugs that has caused problems since the 1980s: coding errors that allow attackers to abuse how soft

Source: After decades of memory-related software bugs, White House calls on industry to act


NIST Cybersecurity Framework 2.0 Officially Released

NIST releases Cybersecurity Framework 2.0, the first major update since the creation of the CSF a decade ago. The post appeared first on SecurityWeek .

Source: NIST Cybersecurity Framework 2.0 Officially Released


We’re at a Pivotal Moment for AI and Cybersecurity

But generative AI’s ability to strengthen security and fortify defenses can keep bad actors in check.

Source: We’re at a Pivotal Moment for AI and Cybersecurity


Phone Spy Tool Pitched for ‘Riot Detection’ in NYC

404 Media recently exposed Patternz, a global phone spy tool that tracks movements and interests through advertising data. Other internal documents now show the technology was marketed as a way to detect riots.

Source: Phone Spy Tool Pitched for ‘Riot Detection’ in NYC


Each Facebook User Is Monitored by Thousands of Companies – Consumer Reports

A Consumer Reports investigation found that Facebook collected data on each user from an average of 2,230 companies.

Source: Each Facebook User Is Monitored by Thousands of Companies – Consumer Reports


NSA Admits Secretly Buying Your Internet Browsing Data without Warrants

The U.S. National Security Agency (NSA) has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. “The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans’ privacy are not just unethical, but illegal

Source: NSA Admits Secretly Buying Your Internet Browsing Data without Warrants



Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice

The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. […]

Source: Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice