Apple has released emergency updates to backport security patches released on Friday, addressing two actively exploited zero-day flaws also affecting older iPhones, iPads, and Macs. “Apple...
Day: April 10, 2023
Windows 11 changing Print Screen to open Snipping Tool by default
Microsoft is testing changes to how the print screen button works in Windows 11, causing it to open the Windows Snipping Tool rather than copying a...
KFC, Pizza Hut owner discloses data breach after ransomware attack
Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed...
CISA orders govt agencies to update iPhones, Macs by May 1st
The Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies to patch two security vulnerabilities actively exploited in the wild to hack iPhones, Macs, and iPads....
SD Worx shuts down UK payroll, HR services after cyberattack
Belgian HR and payroll giant SD Worx has suffered a cyberattack causing them to shut down all IT systems for its UK and Ireland services. SD...
Top Tech Talent Warns of AI’s Threat to Human Existence in Open Letter
More than 1,000 of technology’s top talent names — including Twitter CEO Elon Musk, Apple co-founder Steve Wozniak, and politician Andrew Yang — have signed an...
Five New Actively Exploited Vulnerabilities Added by CISA to its KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Three of the added vulnerabilities...
Dutch Government to Adopt RPKI on All Its Networks for Safety Reasons
The Government of the Netherlands announced last week its intention to implement the Resource Public Key Infrastructure (RPKI) standard on all its networks. The measure is...
LLMs and Phishing
Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better...
Samsung employees unwittingly leaked company secret data by using ChatGPT
Samsung employees have unwittingly leaked top secret data by providing it to the popular chatbot service ChatGPT. Samsung employees have shared internal documents, including meeting notes...
Researchers disclose critical sandbox escape bug in vm2 sandbox library
The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed...
Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition
Estonian National charged with helping Russia acquire U.S. hacking tools and electronics
Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made electronics on behalf of the Russian government...
Apple Issues Emergency Fix for Spyware-Style Zero Days
Apple Recommends Immediate Updating Due to Extensive List of Affected Devices. Prajeet Nair (@prajeetspeaks) • April 8,...
EMEA Webinar | What You Don’t Know Can Hurt You: Open Source License Compliance and M&A Activity
Sam Quakenbush, Senior Director – Field Innovation & Strategy, Mend. Sam Quakenbush has spent the past 10 years working for cyber security companies covering various domains...
Just Who Exactly Should Take Responsibility for Application Security?
Carol Hilderbrand • March 23, 2023. Recent high-profile software supply chain...
Look Beyond TikTok: Massive Data Collection Is the Real Risk
All Social Media Apps Collect Information on a Scale That Facilitates Surveillance. Mathew J. Schwartz (euroinfosec) • March 29,...
Law Enforcement Lures Cybercriminals With Fake DDoS Services
‘We’re Running Stresser/Booter Distributed Denial-of-Service Sites,’ Cops Caution. Mathew J. Schwartz (euroinfosec) • April 6, 2023 ...
The Persisting Risks Posed by Legacy Medical Devices
Recently enacted U.S. legislation requiring vendors to design cybersecurity into medical devices is a good first step, but healthcare delivery organizations for many years to come...
Showing Evidence of ‘Recognized Security Practices’
Robert Booker, Chief Strategy Officer of HITRUST, on Providing Proof to...
Aité-Novarica’s Cybersecurity Impact Award
This episode covers the highlights of Aite-Novarica’s first-ever Cybersecurity Impact Award and announces that Radiant Logic was chosen as the winner for 2022. In this episode,...
LIVE Webinar | Moving from Alerts to Action: An Agency Exclusive SOAR Discussion
Presented by Palo Alto Networks. 60 minutes. Security alerts have more than doubled in the...
Researchers Find Flaws in Japanese Word Processor Ichitaro
JustSystems, Maker of Ichitaro, Says No Attacks Have Been Spotted. Jayant Chakravarti (@JayJay_Tech) • April 7, 2023. Security researchers uncovered...
Microsoft PowerToys adds Windows Registry preview feature
Microsoft PowerToys, a set of free utilities for Windows 10 users, has introduced a new feature allowing users to preview registry file contents before importing them....
All Dutch govt networks to use RPKI to prevent BGP hijacking
The Dutch government will upgrade the security of its internet routing by adopting before the end of 2024 the Resource Public Key Infrastructure (RPKI) standard. RPKI,...