Pulse of Truth

A new study suggests that certain brain activity patterns may be linked to feeling less groggy in the morning.

The cybersecurity landscape has witnessed an unprecedented surge in malicious scanning activity, with DShield honeypots recording over one million log entries in a single day for the first time in their operational history. This dramatic escalation represents a significant shift from typical honeypot activity patterns, where such high-volume events were previously considered exceptional rather than […] The post DShield Honeypot Scanning Reaches Record-High – 1,000,000+ Logs in a Day appeared first on Cyber Security News.

Delta Air Lines is leaning into dynamic ticket pricing that uses artificial intelligence to individually determine the highest fee you’d willingly pay for flights, according to comments Fortune spotted in the company’s latest earnings call. Following a limited test of the technology last year, Delta is planning to shift away from static ticket prices entirely […]

The Chinese have a new tool called Massistant.

Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico. The forensics tool works in tandem with a corresponding desktop software. Massistant gains access to device GPS location data, SMS messages, images, audio, contacts and phone services. Meiya Pico maintains partnerships with domestic and international law enforcement partners, both as a surveillance hardware and software provider, as well as through training programs for law enforcement personnel...

The future of cybersecurity awareness might just be… gluten-based.

Silk Road criminal tipped police off to dirty cop who stole 50 seized bitcoins.

The expanded partnership aims to help shore up identity security as attackers increasingly target user credentials

Comments

In April, the cybersecurity community held its breath as the Common Vulnerabilities and Exposures (CVE) program was plunged into a moment of existential crisis. In the end, an eleventh-hour reprieve saved the day. While CVEs do not encompass the full scope of network security issues, they are still a critical component to track as part of a security program. Over the last 25 years, the CVE program has evolved into a critical, shared, and global … More → The post Why we must go beyond tooling and CVEs to illuminate security blind spots appeared first on Help Net Security.

In case you can’t wait for your flash memory to die from write cycling, TeamGroup now has a drive that, via software or hardware, can destroy its own flash chips …read more

404 Media has seen user manuals for Mobile Fortify, ICE’s new facial recognition app which allows officers to instantly look up DHS, State Department, and state law enforcement databases by just pointing a phone at someone’s face.

Buy Now, Pay Later (BNPL) apps are everywhere these days. Whether you’re buying sneakers or groceries, chances are you’ve seen the option to split your payments over time. It’s quick and easy. But behind the convenience is a growing privacy concern that most users know little about. A new study from Incogni digs into just how much personal information BNPL apps collect and share. The research looked at eight of the most popular BNPL apps … More → The post Buy Now, Pay Later… with your data appeared first on Help Net Security.

Computer scientist Peter Gutmann tells The Reg why it's 'bollocks' The US National Institute for Standards and Technology (NIST) has been pushing for the development of post-quantum cryptographic algorithms since 2016.…

Security researchers have warned the 'FileFix' technique, which builds on the notorious 'ClickFix' tactic, is being used in the wild by threat actors.

Newly published research shows that the domain name system—a fundamental part of the web—can be exploited to hide malicious code and prompt injection attacks against chatbots.

Three perfect 10s in the last month - ISE, ISE, baby Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run arbitrary code on the operating system with root-level privileges. …

The announcement marks the second major Salt Typhoon incident in the space of two years

Between March and December of last year, infamous Chinese state-sponsored APT Salt Typhoon gained access to sensitive US National Guard data.

In this Help Net Security interview, Galal Ibrahim Maghola, former Head of Cybersecurity at G42 Company, discusses strategic approaches to implementing DevSecOps at scale. Drawing on experience in regulated industries such as finance, telecom, and critical infrastructure, he offers tips on ownership models, automation, and compliance. His approach focuses on collaborative practices that balance speed, security, and developer productivity. How do you recommend companies structure ownership of DevSecOps? Should security teams drive it, or is … More → The post Making security and development co-owners of DevSecOps appeared first on Help Net Security.

As the European Commission prepares an upcoming proposal for a Digital Networks Act (DNA), a growing network of groups are raising serious concerns about the resurgence of “fair share” proposals from major telecom operators. The original idea was to introduce network usage fees on certain companies to pay ISPs. We have said it before and we’ll say it again: there is nothing fair about this “fair share” proposal, which could undermine net neutrality and hurt consumers by changing how content is delivered online. Now the EU Commission is toying with an alternative idea: the introduction of a dispute resolution mechanism to foster commercial agreements between tech firms and telecom operators. EFF recently joined a broad group of more than 80 signatories, from civil society organizations to audio-visual companies in a joint statement aimed at preserving net neutrality in the DNA. In the letter, we argue that the push to introduce a mandatory dispute resolution mechanism into EU law would pave the way for content and application providers (CAPs) to pay network fees for delivering traffic. These ideas, recycled from 2022, are being marketed as necessary for funding infrastructure, but the real cost would fall on the open internet, competition, and users themselves. This isn't just about arcane telecom policy—it’s a battle over the future of the internet in Europe. If the DNA includes mechanisms that force payments from CAPs, we risk higher subscription costs,[...]

Steam, which has hosted sex games for years, says developers must now comply with the standards of payment processors and financial institutions.

Nearly a quarter of cybersecurity bosses said their companies have experienced an attack powered by artificial intelligence in the past year, according to a new survey in which AI risk emerged as the defining challenge.

Gets five-and-a-half years.

Summer Maxwell / SFGATE: Location sharing apps like Find My, Snap Map, and Life360 remain popular among Gen Z users, despite concerns about their impact on real-world relationships  —  Teens and 20-somethings are embracing location sharing to see where their friends are instantly.  Is that a bad thing?

Comments