Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
A malicious Python package on the Python Package Index (PyPI) repository has been found to...
Day: March 26, 2023
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the...
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently...
U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
In what's a case of setting a thief to catch a thief, the U.K. National...
Google Pixel phones had a serious data leakage bug – here’s what to do!
What if the "safe" images you shared after carefully cropping them... had some...
Windows 11 also vulnerable to “aCropalypse” image data leakage
Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones....
S3 Ep127: When you chop someone out of a photo, but there they are anyway…
Listen now - latest episode. Full transcript inside.
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now!
Admin-level holes in websites are always a bad thing... and for "bad", read "worse" if...
Randall Munroe’s XKCD ‘Air Handler’
Via the comic artistry and dry wit of Randall Munroe, resident at XKCD!
The Power of Open-Source Security: A Deep Dive
Open-source software (OSS) is increasingly becoming foundational to security strategies for cutting-edge security teams. In a recent webinar hosted...
The Cost of Tax Season Fraud: How Threat Actors Target Your Data and Money
The IRS identified a staggering $5.7 billion in tax fraud schemes last year,...
USENIX Security ’22 – Yufei Chen, Xi’an Chao Shen, Cong Wang, Yang Zhang – ‘Teacher Model Fingerprinting Attacks Against Transfer Learning’
Our thanks to USENIX for publishing...
Trust Assurance: The Movement that’s Reviving GRC & Relationships
In business, we measure everything. Like the saying goes, “What gets measured gets done,” and most companies pay...
How to Distinguish Bot vs. Human Traffic
Not so long ago, bots were considered a modern-day convenience. Understandably so, bots have the potential to make enterprises more...
Microsoft Outlook Remote Hash Vulnerability (CVE-2023-23397)
The post Microsoft Outlook Remote Hash Vulnerability (CVE-2023-23397) appeared first on Fidelis Cybersecurity.
USENIX Security ’22 – Xudong Pan, Mi Zhang, Beina Sheng, Jiaming Zhu, Min Yang – ‘Hidden Trigger Backdoor Attack On NLP Models Via Linguistic Style Manipulation’
Our...
Linking Lit’s Lightweight Web Components And WebR For Vanilla JS Reactivity
See it live before reading! This is a Lit + WebR reproduction of the OG Shiny...
Putin to staffers: Throw out your iPhones, or ‘give it to the kids’
April Fools should use Russian or Chinese tech instead, Kremlin advises. Advisors and staff...
Ex-Meta security staffer accuses Greece of spying on her phone
Beware of Greeks bearing GIFs. Meta's former security policy manager, who split her time between the US...
You just gonna take that AWS? Let Microsoft school your users on cloud security?
And Google Cloud is next. Microsoft has torn the wraps off its multi-cloud...
BreachForums shuts down … but the RaidForums cybercrime universe will likely spawn a trilogy
Admins decide reviving crime-mart is dangerous, hint at new chapter. BreachForums has reportedly...
Xi, Putin declare intent to rule the world of AI, infosec
'Technological sovereignty is the key to sustainability' states Russian despot. Russian president Vladimir Putin and his...
India’s absurd infosec reporting rules get just 15 followers
CERT-In was told its six-hour notification requirement was a bad idea – now it knows just how bad...
Unknown actors deploy malware to steal data in occupied regions of Ukraine
If this is Kyiv's work, Russia can Crimea river. A cyber espionage campaign targeting organizations...
German political parties accused of microtargeting voters on Facebook
Country's super strong data rights under magnifying glass after half a dozen complaints filed. Remember the Who Targets...
Journalist hurt by exploding USB bomb drive
Now that's a flash bang. Police in Ecuador are investigating attacks on media organizations across the country after a journalist...
Cisco kindly reveals proof of concept attacks for flaws in rival Netgear’s kit
Maybe this is deserved given the problem's in a hidden telnet service. Public proof-of-concept...
South Korea fines McDonald’s for data leak from raw SMB share
British American Tobacco, Samsung, also burgered up their infosec. South Korea's Personal Information Protection Commission has...
B-List celebs including Lindsay Lohan fined after crypto shill probe
Didn't disclose payments as mastermind pumped up value of tokens with fake trades. Eight very B-list celebrities...
Bogus ChatGPT extension steals Facebook cookies
All aboard the chatbot hype train! Next stop: Fraud. Google has removed a ChatGPT extension from the Chrome store that steals...