By the time Howard Rheingold’s “Virtual Reality” was published in 1991, the Sensorama was already a “slowly deteriorating” relic stashed away in a cabana next the pool at its inventor’s West Los Angeles home. Rheingold describes awe — even surprise — that the system was still operable almost 30 years after its introduction. “I was
Month: May 2023
Danni Brooke, former Met police officer and star of Channel 4’s Hunted, has been confirmed as the keynote speaker at this year’s Women in Cybersecurity event at Infosecurity Europe, the most influential information security event running from 20-22 June 2023 at ExCeL London. Dubbed the ‘Undercover Mother’, Danni is a leading intelligence figure, formerly working as a
by Paul Ducklin Researchers at web coding security company SALT just published a fascinating description of how they found an authentication bug dubbed CVE-2023-28131 in a popular online app-buildin toolkit known as Expo. The good news is that Expo responded really quickly to SALT’s bug report, coming up with a fix within just a few
May 31, 2023Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged
During Computex today, Dutch semiconductor giant NXP announced its i.MX 91, the latest processor from its i.MX 9 series of applications processors for industrial, medical, consumer and IoT use cases. During his keynote, NXP Secure Connected Edge executive vice president and general manager Rafael Sotomayor gave some details about the new processor. Features include an
Welcome back to Found, where we get the stories behind the startups. This week Becca and Dom are joined by Stacy Blain, the co-founder and chief science officer at Concarlo Therapeutics. Blain talked about how she had been researching how to cure drug-resistant cancers before she accidently found her way into entrepreneurship after her academic
Microsoft Azure has certifications to validate your knowledge and help you along your cloud career path. One of these core certifications that all IT administrators and security administrators should pass is AZ-500: Microsoft Azure Security Technologies. Once you pass this exam, you become a Microsoft Certified: Azure Security Engineer Associate. This certification targets Azure Security
Ransomware gangs are using a variety of business-like practices to boost profits, making it more difficult for defenders to differentiate various groups, a new report by WithSecure has surmised. This move towards mirroring legitimate businesses practices means that tactics, techniques and procedures (TTPs) are blurring, Stephen Robinson, senior threat intelligence analyst at WithSecure said
May 30, 2023Ravie LakshmananZero Day / Vulnerability Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last week. The vulnerabilities were demonstrated by three different teams from Qrious Secure, STAR Labs, and DEVCORE
A cybersecurity firm says a popular Android screen recording app that racked up tens of thousands of downloads on Google’s app store subsequently began spying on its users, including by stealing microphone recordings and other documents from the user’s phone. Research by ESET found that the Android app, “iRecorder — Screen Recorder,” introduced the malicious
India’s JioCinema broke the global record for the most concurrent views to a live streamed event on Monday, eclipsing a long-standing milestone set by Disney’s Hotstar, as the Asian tycoon Mukesh Ambani spares no expense in expanding his digital empire. The Indian streaming app, whose partner includes James Murdoch’s Bodhi Tree-backed Viacom18, surpassed the record
Unit 42, Palo Alto Networks threat research team, has found new malicious activity targeting IoT devices, using a variant of Mirai, a piece of malware that turns networked devices running Linux, typically small IoT devices, into remotely controlled bots that can be used in large-scale network attacks. Dubbed IZ1H9, this variant was first discovered in
May 29, 2023Ravie LakshmananCyber Threat / Malware A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month.
Jensen Huang wants to bring generative AI to every data center, the Nvidia co-founder and CEO said during Computex in Taipei today. During the speech, Huang’s first public speech in almost four years he said, he made a slew of announcements, including chip release dates, its DGX GH200 super computer and partnerships with major companies.
Techstars’ Kerty Levy knows a thing or two about where seed funding is, and where it might be going, in the Northeast. During a presentation at TechCrunch’s Early Stage in Boston last month, Levy took a brief look at deal counts and valuations before exploring in more depth what the obstacles to funding are right
Smart contracts execute processes, transactions and other tasks when specific events, conditions and logic are met, depending on how they are programmed. Smart contracts are deployed on a blockchain, such as Ethereum or other distributed ledger infrastructure, where they listen for events and updates from cryptographically secure data feeds called oracles. These contracts often control
Perception Point has observed a 356% growth in the number of advanced phishing attacks attempted by threat actors in 2022. According to the company’s 2023 Annual Report: Cybersecurity Trends & Insights report, the total number of attacks increased by 87%. Among the reasons behind this growth is the fact that malicious actors continue to gain widespread
May 27, 2023Ravie LakshmananAPI Security / Vulnerability A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of 9.6 on the CVSS scoring system. API security firm Salt Labs said the issue rendered services using
ESET research uncovers an Android app that initially had no harmful features but months later turned into a spying tool This week, ESET malware researcher Lukas Stefanko revealed how an initially legitimate Android app morphed into a malicious trojan that could steal users’ files and record surrounding audio from the device’s microphone and then exfiltrate
Welcome, folks, to Week in Review (WiR), TechCrunch’s regular column that rounds up the week in tech news. Dunno about y’all, but it’s felt like a long one — and I’m thankful for the extended weekend. For those observing Memorial Day, do enjoy. Those not, take the time off where you’re able. We all need
Welcome to the TechCrunch Exchange, a weekly startups-and-markets newsletter. It’s inspired by the daily TechCrunch+ column where it gets its name. Want it in your inbox every Saturday? Sign up here. From cybersecurity to SaaS for restaurants, the key to running a successful business is selling a product that solves your clients’ real problems. —
A Chinese nation-state threat group is conducting intrusion and espionage campaigns against U.S. critical infrastructure entities, according to a new report by Microsoft. In a blog post Wednesday, Microsoft Threat Intelligence detailed the ongoing campaign that involves a group of Chinese state-sponsored hackers it tracks as “Volt Typhoon” that’s been active since 2021. Because the
New Russian-linked malware designed to take down electricity networks has been identified by Mandiant threat researchers, who have urged energy firms to take action to mitigate this “immediate threat.” The specialized operational technology (OT) malware, dubbed COSMICENERGY, has similarities to malware used in previous attacks targeting electricity grids, including the ‘Industroyer’ incident that took down
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. “It has the potential to expand to other platforms as Bandit Stealer was developed using the Go programming language, possibly allowing cross-platform compatibility,” Trend Micro said in a
This week, Worldcoin, an outfit that aims to serve as proof of personhood in a world where it’s harder by the day to distinguish a human from a bot, raised $115 million in Series C funding. Led by the 10-year-old venture firm Blockchain Capital, whose bets have included Coinbase, Kraken and OpenSea, the investment brings
After sales software startup TigerEye closed its Series A and established a board of directors, its co-founders put them on notice: One thing we’d like to never do is the three-hour, too-in-the-weeds, non-strategic board meeting. “Every board deck I’ve made and seen is more than 80 pages long,” says Tracy Young, co-founder and CEO of
ESET researchers reveal details about a prevalent cryptor, operating as a cryptor-as-a-service used by tens of malware families In this blogpost we examine the operation of AceCryptor, originally documented by Avast. This cryptor has been around since 2016 and because – throughout its existence – it has been used to pack tens of malware families,
A smart contract is a type of blockchain application that performs transactions and other processes according to a set of rules defined within the program’s code. The contract executes automatically if its terms are met; it doesn’t depend on a person, institution or other third-party intermediary. Many people associate smart contracts with cryptocurrency platforms, where
Romanian cybersecurity firm Safetech launched its official presence in the UK on May 23, 2023, underscoring the recent growth of the UK’s cybersecurity sector. Plans to build a security operations center (SOC) at the Plexal Innovation Hub based in London were announced during the company’s launch event. Anca Stancu, co-founder and managing partner of Safetech
by Paul Ducklin A PYTHON PERSPECTIVE VORTEX No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found. Or just drop the URL of our
- 1
- 2
- 3
- …
- 6
- Next Page »