Cyber security aggregate rss news

Cyber security aggregator - feeds history


 Threats

The industrial scale of surveillance of internet users is a topic we keep returning to. Every click on a website, every scroll in a mobile app, and every word you type into a search bar is tracked by dozens of tech companies and advertising firms. And it affects not only phones and computers, but also smart watches, smart TVs and speakers — even cars. As it turns out, these motherlodes of information are used not only by advertisers offering vacuum cleaners or travel insurance. Through various intermediary companies, this data is snapped up by security agencies of all stripes: police, intelligence, you name it. See here for the latest investigation into such practices, focusing on the Patternz platform and the advertising firm Nuviad. Previously, similar investigations probed Rayzone, Near Intelligence, and others. These companies, their jurisdictions of incorporation, and their client lists vary, but the general formula is always the same: collect and save proprietary information generated by advertising, then resell it to law enforcement agencies worldwide.

Behind the scenes of contextual advertising

We've already described in detail how data is collected on web pages and in apps — but not how it gets put to use. In overly simplified terms, behind every banner display or advertising link in today's online world, there is some lightning-fast, super-complex trading. Advertisers upload their ads and audience requirements to a demand-side platform (DSP), which finds suitable sites or apps to display such advertising. The DSP then takes part in an auction for the types of advertising (banner, video, and so on) to be displayed on these sites and apps. Depending on who views the ads and how well they match the advertiser's requirements, a particular type of ad may win the auction. This process is known as real-time bidding (RTB). During the bidding, participants receive information about the potential ad consumer: previously collected data on the individual is condensed into a brief description card. Depending on the platform, the composition of this data may vary, but a fairly typical set would be the consumer's approximate or precise location, the device in use, the OS version, as well as demographic and psychographic attributes — that is, gender, age, family members, hobbies, and other topics of interest to the user.

How RTB data is used for surveillance

A 404 Media investigation found that the Patternz platform advertised to clients that it processed 90 terabytes of data daily, covering the actions of around five billion user IDs. Note that there are far fewer real users than IDs since each person can have several IDs. Because advertising is global — so too is the scope of data collection. Collecting and analyzing the above data allows precision tracking of: potential consumers' movements; times when they leave or visit certain places; times when they are located close to certain people; their interests and search queries; history of changing interests; affiliation to certain segments, for example, "recently had a baby" or "just went on vacation".

This information makes it possible to discover lots of curious things: where the person is during the day and at night, who they like to spend time with, who they travel with by car and where, and masses of other personal information. As stated by the U.S. Office of the Director of National Intelligence (ODNI), such depth of data collection was previously only possible through physical surveillance or targeted wiretapping.

Is such data collection legal?

Although laws vary greatly from country to country, in most cases intelligence agencies carrying out mass surveillance — especially with the use of commercial data — find themselves in a gray area.

Bonus game: surveillance through push notifications

There's another unrelated, but no less unpleasant method of centralized surveillance of users. In this case, the role of treasure trove falls to Apple and Google, which send centralized push notifications to all iOS and Android devices, respectively. To save power on smartphones, almost all app notifications are delivered through Apple or Google servers; and depending on the app's architecture, a notification may contain information that's easy to see and of interest to third parties. It turns out that some intelligence agencies have tried to gain access to notification data. What's more, a recent study found that a significant number of apps abuse notifications to collect data about the device (and the user) at the time the notification is received — even if the user is not in the relevant app at that moment or on their phone at all.

How to guard against surveillance through advertising

Since all of the above-mentioned companies collect data using central hubs in the shape of large ad exchanges, no amount of denylisting apps and sites will protect you from being tracked. Any banner ad, video insert, or social network advertising generates events for trackers. The only way to achieve any meaningful reduction in the scale of surveillance is with quite radical anti-advertising measures. Not all of them are convenient or suitable for everyone, but the more tips from the list you can apply, the fewer events involving you will end up on the servers of Rayzone or other such companies. In a nutshell:

Use apps that don't display ads. This doesn't guarantee the absence of web beacons and tracking, but will at least reduce the intensity.
Block ads and tracking in web browsers. Mozilla Firefox and Safari have built-in anti-surveillance protection, while anti-spyware and anti-advertising add-ons are available for all popular browsers in the official add-on stores. For maximum protection, turn on Private Browsing in Kaspersky Standard, Kaspersky Plus, or Kaspersky Premium.
Disable auto-downloading of images in emails.
Configure secure DNS on your smartphone, computer, and home router by specifying an ad-blocking server, say, BlahDNS.
Check your smartphone's privacy settings. Make it a habit to reset your advertising ID at least once a month. Prevent apps from collecting data for personalized ads and showing location-based ads (Apple, Google). Revoke permissions to access location and other sensitive data from all apps that do not require it for their primary function.
Completely disable push notifications in your smartphone settings for all apps that can do without them.

 Malware and Vulnerabilities

Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.

 Feed

pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded from an arbitrary location. This can be used to load a malicious, serialized Python object to execute code within the context of the target application. This exploit supports two techniques by which the payload can be loaded, depending on whether or not credentials are specified. If valid credentials are provided, Metasploit will login to pgAdmin and upload a payload object using pgAdmin's file management plugin. Once uploaded, this payload is executed via the path traversal before being deleted using the file management plugin. This technique works for both Linux and Windows targets. If no credentials are provided, Metasploit will start an SMB server and attempt to trigger loading the payload via a UNC path. This technique only works for Windows targets. For Windows 10 v1709 (Redstone 3) and later, it also requires that insecure outbound guest access be enabled. Tested on pgAdmin 8.3 on Linux, 7.7 on Linux, 7.0 on Linux, and 8.3 on Windows. The file management plugin underwent changes in the 6.x versions and therefore, pgAdmin versions below 7.0 cannot utilize the authenticated technique whereby a payload is uploaded.

 Feed

Debian Linux Security Advisory 5655-2 - The update of cockpit released in DSA 5655-1 did not correctly build binary packages due to unit test failures when building against libssh 0.10.6. This update corrects that problem.

 Feed

Debian Linux Security Advisory 5662-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

 Feed

Ubuntu Security Notice 6726-3 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service.

 Feed

Ubuntu Security Notice 6726-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service.

 Feed

Ubuntu Security Notice 6725-2 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service or possibly expose sensitive information. Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 6724-2 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.

 Feed

Red Hat Security Advisory 2024-1835-03 - An update for shim is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

 Feed

Red Hat Security Advisory 2024-1834-03 - An update for shim is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.

 Feed

Red Hat Security Advisory 2024-1832-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a denial of service vulnerability.

 Feed

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a range of other anonymizing tunnels and proxies," Cisco Talos said. Successful attacks could

 Feed

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) group tracked as Sandworm (aka APT44 or

 Feed

The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing,

 Feed

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account. Armed with this access, a

 Feed

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people’s sensitive health data. Cerebral is a remote telehealth company that provides online therapy and medication management for various mental health conditions, including anxiety, depression, […] The post Cerebral to pay $7 million settlement in Facebook pixel data leak case – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. Avalanche is used by enterprise admins to remotely manage, deploy software, and schedule updates across large fleets of […] The post Ivanti warns of critical flaws in its Avalanche MDM solution – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks’ PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as root via command injection in low-complexity attacks on vulnerable PAN-OS 10.2, PAN-OS 11.0, and […] The post Exploit released for Palo Alto PAN-OS bug used in attacks, patch now – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas YouTube announced yesterday that third-party applications that block ads while watching YouTube videos violate its Terms of Service (ToS), and it will soon start taking action against the apps. Google exposes numerous APIs allowing developers to integrate YouTube into their applications, showing videos or retrieving data about videos hosted on the […] The post Google to crack down on third-party YouTube apps that block ads – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. A brute force attack is the process of attempting to log into an account or device using many usernames and passwords until the correct combination is found. […] The post Cisco warns of large-scale brute-force attacks against VPN services – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation. PuTTY is a popular open-source terminal emulator, serial console, and network file transfer application that supports SSH (Secure Shell), Telnet, […] The post PuTTY SSH client flaw allows recovery of cryptographic private keys – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February. Despite the $872 million hit on its quarterly $7.9 billion earnings, UnitedHealth says its first quarter revenues grew almost $8 billion year over year to $99.8 […] The post UnitedHealth: Change Healthcare cyberattack caused $872 million loss – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sponsored by Outpost24 Social engineering takes advantage of the emotions and fallibility of end users rather than relying on technical hacking techniques — and it represents a massive threat to modern organizations. According to research gathered by Firewall Times, 98% of all cyber-attacks involve some sort of social engineering, and up to […] The post How to make your web apps resistant to social engineering – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.schneier.com – Author: Bruce Schneier Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchortext), not the underlying URL. So if you were a clever […] The post X.com Automatically Changing Link Text but Not URLs – Source: www.schneier.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Adoption

Source: www.databreachtoday.com – Author: 1 Endpoint Security, Governance & Risk Management, IT Risk Management Only 8.35% of Windows Users Had Migrated to Windows 11 by May 2023 Jayant Chakravarti (@JayJay_Tech) • April 16, 2024 Image: Shutterstock Microsoft’s Windows 10 operating system is near the end of life for its 10-year run, […] The post Windows 11 Adoption Is Slow Despite Windows 10 Security Risk – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Congress

Source: www.databreachtoday.com – Author: 1 Fraud Management & Cybercrime, Government, Healthcare Parent Company UHG Is a No-Show at Hearing & Faces Data Leak, Attack Costs of $1.6B Marianne Kolbasuk McGee (HealthInfoSec) • April 16, 2024 Industry experts testify at a House Energy and Commerce Committee hearing Tuesday on the Change Healthcare […] The post Congress Asks What Went Wrong in Change Healthcare Attack – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Governance & Risk Management, Secure File Synchronisation & Sharing Presented by Fortra 60 Minutes Whether your files are located in the public cloud, private cloud, or within a hybrid environment, managing file transfers securely is essential for businesses today. A robust Managed File Transfer (MFT) […] The post Live Webinar | Elevating Cloud Security: MFT Best Practices & Insights – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Will Gragido SVP, Product Management and Intelligence, NetWitness Will Gragido’s journey in technology started in the early 1990s when he left college and joined the United States Marine Corps. He quickly ushered into the emerging world of data communications, where he received training in internetworking, information security, communications intelligence, and […] The post The Intelligent SOC: Fusion Methodology at the Intersection of Intelligence, Context, and Action in Modern Enterprises – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Software Bill of Materials (SBOM), Standards, Regulations & Compliance OpenSSF Partners With DHS and CISA to Launch Global Software Supply Chain Project Chris Riotta (@chrisriotta) • April 16, 2024 Protobom can access, read and translate SBOMs. (Image: Shutterstock) A new tool backed by the U.S. federal government […] The post New Tool Aims to Simplify and Streamline SBOM Adoption – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Campaign

Source: www.databreachtoday.com – Author: 1 Cybercrime, Fraud Management & Cybercrime Financially Motivated Threat Group Embeds Malicious Code in Images Prajeet Nair (@prajeetspeaks) • April 16, 2024 The original of this image contains code that leads to an Agent Tesla infection. (Image: Positive Technologies) Financially motivated hackers are using the oldie-but-goodie technique of […] The post Steganography Campaign Targets Global Enterprises – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cloud Security

Source: www.techrepublic.com – Author: Luis Millares Speedify VPN fast facts Our rating: 3.1 stars out of 5.00 Pricing: Starts at $7.49 per month Key features: Dedicated free version. Can combine multiple internet connections. Servers from 55+ locations. As its name suggests, Speedify VPN focuses on speed to set it apart from the competition. It has unique features […] The post Speedify VPN Review: Features, Security & Performance – Source: www.techrepublic.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cloud Security

Source: www.techrepublic.com – Author: Luis Millares Private Internet Access Fast facts Our rating: 4.2 stars out of 5 Pricing: Starts at $3.33 (annual plan) Key features: 10,000-35,000 servers across 91 countries. Customizable VPN experience. Unlimited device connections. Private Internet Access has been a long-time player in the VPN space. It has a massive server fleet […] The post Private Internet Access VPN Review (2024): How Good is PIA VPN? – Source: www.techrepublic.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Team Register Japan’s government has considered the proposed security improvements developed by Yahoo!, found them wanting, and ordered the onetime web giant to take new measures. Yahoo! is in the sights of the Ministry of Internal Affairs and Communications because the LINE messaging app it owns allowed Chinese entities to read […] The post Japanese government rejects Yahoo! infosec improvement plan – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cisco

Source: go.theregister.com – Author: Team Register Cisco is fighting fires on a couple cybersecurity fronts this week involving its Duo multi-factor authentication (MFA) service and its remote-access VPN services. Cisco has alerted customers that one of its Duo telephony partners fell victim to a phishing attack on April 1, during which crooks stole an employee’s […] The post Fire in the Cisco! Networking giant’s Duo MFA message logs stolen in phish attack – Source: go.theregister.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Check Point Software

Source: www.cybertalk.org – Author: slandau By Ervin Suarez, Security Engineer for Cable and Colocation Accounts, Check Point Software Technologies. I’ve been closely observing a fascinating shift in the IT landscape and wanted to share some insights with all of you, especially given how these changes could impact our industry. Lately, there’s been a noticeable shift […] The post Why enterprises are going hybrid and returning to colo! – Source: www.cybertalk.org first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: AnneMarie Avalon An Identity Provider (IdP) is a digital service that stores and verifies user identity information. It plays a pivotal role in the authentication process by ensuring that individuals or devices are accurately identified before granting access to secure applications and systems. When a user attempts to access a service, […] The post What are Identity Providers (IdP)? – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Mission Secure In the world of cybersecurity, few environments present as many challenges as oil platforms and other offshore infrastructure assets. These installations, often situated in harsh and isolated marine environments, are critical to global energy production. However, their remote locations, combined with the increasing interconnectedness brought about by digitalization, expose […] The post Rough Seas: Overcoming the Challenges of Cybersecurity for Offshore Infrastructure – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Chris Garland Security Boulevard The Home of the Security Bloggers Network Original Post URL: https://securityboulevard.com/2024/04/rsa-conference-2024/ Category & Tags: Security Bloggers Network, Events & Webinars, Live Events – Security Bloggers Network, Events & Webinars, Live Events The post RSA Conference 2024 – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman USENIX Security ’23 – User Awareness and Behaviors Concerning Encrypted DNS Settings in Web Browsers by Marc Handelman on April 16, 2024 Authors/Presenters: *Alexandra Nisenoff, Ranya Sharma and Nick Feamster* Many thanks to USENIX for publishing their outstanding USENIX Security […] The post USENIX Security ’23 – User Awareness and Behaviors Concerning Encrypted DNS Settings in Web Browsers – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 2FA

Source: securityboulevard.com – Author: Richi Jennings Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication. It’s no secret that cellular carrier reps are subject to bribery. Here’s a great example. Yes, again with the SIM swapping—where a fraudster convinces a representative to move a target’s line to a new SIM because […] The post SIM Swappers Try Bribing T-Mobile and Verizon Staff $300 – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Marc Handelman via the inimitable Daniel Stori at Turnoff.US! This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: http://turnoff.us/geek/permission-issue/ Original Post URL: https://securityboulevard.com/2024/04/daniel-storis-permission-issue/ Category & Tags: Security Bloggers Network, Daniel Stor, Security Flaws, turnoff.us – Security Bloggers Network, Daniel Stor, Security Flaws, turnoff.us The post Daniel Stori’s ‘Permission Issue’ – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Jeffrey Burt Mental telehealth startup Cerebral says it will stop sharing sensitive consumer health information with third parties, make it easier for consumers to cancel services, and pay $7 million to settle a complaint with the Federal Trade Commission (FTC), which accused the company of sharing data of 3.2 million users […] The post Online Health Firm Cerebral to Pay $7 Million for Sharing Private Data – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Antoine Vastel Generative AI tools like ChatGPT have worked to solve the issue of real-time data since their inception. One attempt involved using plugins to access newer information that was not included in the training data. Now, AI tools have access to retrieval-augmented generation (RAG), a technique that can gather facts […] The post How GenAI Uses Retrieval-Augmented Generation & What It Means for Your Business – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Blog

Source: securityboulevard.com – Author: Team Nuspire Strong detection and response capabilities are pivotal for identifying and mitigating threats before they can cause significant damage. As attackers employ advanced tactics that often bypass perimeter defenses, the focus shifts to not only preventing breaches but also quickly detecting and responding to incidents that do occur. Managed detection […] The post MDR and EDR – Why One Doesn’t Cancel Out The Other – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securelist.com – Author: Dmitry Kalinin The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors […] The post SoumniBot: the new Android banker’s unique techniques – Source: securelist.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root. Cisco IMC is a baseboard management controller for managing UCS C-Series Rack and UCS S-Series Storage servers via multiple interfaces, including XML API, web […] The post Cisco discloses root escalation flaw with public exploit code – Source: www.bleepingcomputer.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas – The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. According to Mandiant, the threat actor is linked to at least three Telegram channels that were used to amplify the group’s activity by creating narratives in favor […] The post Russian Sandworm hackers pose as hacktivists in water utility breaches – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sponsored by Flare – The term “dark web” conjures up images of a shadowy netherworld of cybercrime, espionage, drugs, and guns. In reality “dark web” sites are simply websites ending in .onion that need to be accessed through a special browser, The Onion Router (Tor). Cybersecurity firms have long sold “dark web […] The post Dark Web Monitoring: What’s the Value? – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Bill Toulas – At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year. Tracked as CVE-2023-1389, the flaw is a high-severity unauthenticated command injection problem in the locale API reachable through the TP-Link Archer AX21 […] The post Multiple botnets exploiting one-year-old TP-Link flaw to hack routers – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan – Microsoft says the new Copilot app, mistakenly added to the list of installed Windows apps by recent Edge updates, doesn’t collect or relay data to its servers. The company began testing Microsoft Copilot in Windows Server 2025 preview builds earlier this year. However, after facing backlash from Windows admins, […] The post Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Ax Sharma – Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, “a key step in creating a modernised and digital border” that will “boost security […] The post UK e-visa rollout starts today for millions: no more physical immigration cards – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 BLEEPINGCOMPUTER

Source: www.bleepingcomputer.com – Author: Sergiu Gatlan – Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. The targeted employees have shared screenshots of messages offering $300 to those willing to aid the senders in their criminal endeavors. According to many reports, […] The post T-Mobile, Verizon workers get texts offering $300 for SIM swaps – Source: www.bleepingcomputer.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . Apr 17, 2024 – Newsroom – Ransomware / Cyber Espionage – A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) […] The post Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . The introduction of OpenAI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools […] The post GenAI: A New Headache for SaaS Security Teams – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

2024-04
Aggregator history
Wednesday, April 17