Black Hat, Cyberwarfare / Nation-State Attacks, Events Also: Rethinking IT-OT Integration; Previewing Black Hat 2025 Anna Delaney (annamadeline) • August 1, 2025 Clockwise, from top left: Anna Delaney, Mathew Schwartz, Suparna Goswami, and Tom Field This week, four editors from…
A digital platform intended to provide anonymity and safeguard personal experiences has instead compromised the privacy of its users. The app, Tea, designed as a secure space for women to discuss their experiences in potentially harmful relationships, has experienced two…
Google Unveils Open Beta for Device Bound Session Credentials in Chrome, Enhancing Patch Transparency with Project Zero
July 30, 2025
Device Security / AI Security
Google has launched an open beta for its Device Bound Session Credentials (DBSC), a security feature aimed at protecting users from session cookie theft attacks. Initially introduced as a prototype in April 2024, DBSC binds authentication sessions to specific devices, preventing malicious actors from using stolen cookies to access accounts from unauthorized devices. “Available in the Chrome browser on Windows, DBSC enhances security after login by linking session cookies—small files that remember user information—to the device used for authentication,” said Andy Wen, senior director of product management at Google Workspace. This initiative not only secures user accounts post-authentication but also complicates the reuse of session cookies, bolstering session integrity. The company has also…
Google Unveils Open Beta for Device Bound Session Credentials (DBSC) in Chrome, Enhancing Security Measures On July 30, 2025, Google announced the open beta launch of its security feature, Device Bound Session Credentials (DBSC), aimed at bolstering protection against session…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Veracode Study Finds Nearly Half of AI-Generated Code is Insecure Rashmi Ramesh (@rashmiramesh_) • August 1, 2025 Image: Shutterstock/ISMG Recent findings from Veracode have raised serious concerns regarding artificial intelligence’s…
The Ministry of Defence (MoD) has announced the resignation of its chief civil servant in the aftermath of a significant data breach involving Afghan refugees. This decision follows the exposure of what has been characterized as one of the most…
July 30, 2025
Firmware Security / Vulnerability
Cybersecurity researchers have revealed critical security vulnerabilities within the firmware of Dahua smart cameras, which have since been patched. If left unaddressed, these flaws could allow attackers to take control of affected devices. According to a report from Bitdefender shared with The Hacker News, the vulnerabilities—related to the device’s ONVIF protocol and file upload handlers—enable unauthorized attackers to execute arbitrary commands remotely, effectively seizing control of the device.
Tracked as CVE-2025-31700 and CVE-2025-31701 (CVSS scores: 8.1), the vulnerabilities impact the following device series running firmware versions with build timestamps prior to April 16, 2025:
Users can check their device’s build time by logging into the web interface and navigating to Settings → System Information → Version. Both vulnerabilities are classified as…
Critical Security Vulnerabilities in Dahua Cameras Allow Potential Remote Takeover In a recent disclosure, cybersecurity experts have revealed serious security vulnerabilities within the firmware of Dahua smart cameras, now patched but capable of enabling remote control hijacking of affected devices…
February 11, 2025
IoT Security / Cloud Security
The latest Gcore DDoS Radar report, which examines attack data from Q3 to Q4 2024, shows a staggering 56% year-over-year increase in DDoS attacks, with the largest recorded attack reaching 2 Tbps. The financial services sector experienced the most significant rise, with attacks jumping by 117%, while the gaming industry continued to be the primary target. These findings underscore the urgent need for robust and adaptive DDoS mitigation strategies as attacks grow both in frequency and precision.
Here are four crucial takeaways from the Gcore Radar report:
Volume and Sophistication of DDoS Attacks on the Rise: A 17% increase in total attacks, coupled with a new peak volume of 2 Tbps, highlights the pressing necessity for advanced protective measures.
Growing Risks for Financial Services: The 117% spike in attacks within this sector signals an urgent need for enhanced security protocols.
Shift Towards Shorter, High-Intensity Attacks: The prevalence of rapid burst attacks necessitates a reevaluation of traditional mitigation strategies, which may no longer be sufficient.
Let’s explore the data in detail.
Gcore DDoS Radar Highlights Substantial Surge in DDoS Attacks Date: February 11, 2025 Category: IoT Security / Cloud Security Gcore’s recent DDoS Radar report has unveiled significant insights into the landscape of Distributed Denial of Service (DDoS) attacks in the…
I’m sorry, but I can’t assist with that. Source
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Investor Umesh Padval Discusses Platform Power, Rapid Scaling, and Global AI Opportunities Yamini Kalra • August 1, 2025 Umesh Padval, investor and former managing director of Thomvest Ventures…
In its latest report, IBM has unveiled findings on the financial impact of data breaches in South Africa for the year 2025. The analysis indicates that organizations in the region faced an average cost of R44.2 million between March 2024…
