Fri.Dec 24, 2021

article thumbnail

Experts warn of a new stealthy loader tracked as BLISTER

Security Affairs

Security researchers spotted a campaign that is employing a new stealthy malware tracked as BLISTER that targets windows systems. Elastic Security researchers uncovered a malware campaign that leverages a new malware and a stealthy loader tracked as BLISTER, that uses a valid code signing certificate issued by Sectigo to evade detection. BLISTER loads second-stage payloads that are executed directly in the memory of the Windows system and maintain persistence.

Libraries 100
article thumbnail

Weekly Update 275

Troy Hunt

I'd say this is probably the most epic scene I've ever done one of these videos from and equally, the main topic of the day around Pwned Passwords and the work done with the FBI and NCA is the most epic thing I've done for a very long time. On reflection, I feel like this is the first major step towards HIBP growing up and becoming self-sufficient; that Pwned Passwords piece is now owned by the community, supported by the community, contributed to by 2 of the world's foremost

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Log4j: A CISO's Practical Advice

Dark Reading

Working together is going to make getting through this problem a lot easier.

139
139
article thumbnail

Fisher Price Chatter Bluetooth Telephone 60G LTE has serious privacy issues

Security Affairs

Experts found serious privacy issues affecting Fisher Price Chatter Bluetooth Telephone, a Bluetooth headset that appears like a classic kids toy. Fisher Price Chatter Bluetooth Telephone has the appearance of a classic kids toy, but it was designed for adults and allows to make and receive calls over Bluetooth using a nearby smartphone. The device is a Bluetooth headset that accepts the connections from a smartphone and could be used to take calls or as a speakerphone, unfortunately, serious pr

Privacy 88
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

The Worst Hacks of 2021

WIRED Threat Level

It was a year of ransomware, surveillance, data breaches, and yes, more ransomware.

article thumbnail

Friday Squid Blogging: Squid-Headed Statue Appears in Dallas

Schneier on Security

Someone left it in a cemetery. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.