Integrity/Availability/Authenticity/Security Leftovers
-
Silicon Angle ☛ Report finds excessive honeypots are spoiling cybersecurity data accuracy
According to the report and based on data from the Shodan search engine for internet-connected devices, there are more than 240,000 hosts posing as Confluence servers, but the number of genuine Confluence servers connected to the internet is far less, at around 4,000.
The discrepancy presents a significant challenge for security researchers and professionals attempting to gauge the real-world impact of vulnerabilities on Confluence servers. If there are 4,000 real servers and more than 240,000 honeypots, is it fair to assess the risk of a vulnerability based on using honeypots when the actual number of possible real targets is much, much lower?
-
The Register UK ☛ Rise of deepfake threats means biometric security measures won't be enough
As well as matching an individual's image to the one on record, systems relying on liveness detection also try to test if they are really there through an "active" request such as a head movement or "passive" sensing of micro facial movements and the focus of the eyes.
Yet these approaches could now be duped by AI deepfakes and need to be supplemented by additional layers of security, Gartner's VP Analyst Akif Khan told The Register.
-
Windows TCO
-
YLE ☛ Pro-Russian [cracker] group claims responsibility for DoS attacks on Finnish city websites
The cities of Helsinki, Tampere, Jyväskylä, Kotka, Lahti, Vaasa, Pori, Kuopio, Espoo and Turku all reported being targeted by Denial of Service attacks over the past two days. [...] Denial of Service attacks can be bought on the dark web, Moilanen added, and authorities — such as cities — are often the targets. The attacks over the last two days however strongly suggest a coordinated campaign, he said, and was probably intended to attract media attention.
-