Source: www.securityweek.com – Author: Eduard Kovacs Apple on Thursday released security updates for its operating systems to patch dozens of vulnerabilities that could expose iPhones and...
Day: May 19, 2023
Investors Make $6M Bet on Manifest for SBOM Management Technology – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Manifest, an early stage startup building technology to help businesses generate, collect, and operationalize software bill of materials (SBOMs), has...
RSAC Fireside Chat: Upgrading containment to counter Putin’s weaponizing of ransomware – Source: www.lastwatchdog.com
Source: www.lastwatchdog.com – Author: bacohido By Byron V. Acohido The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. Related: The...
KeePass Flaw Exposes Master Passwords – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – A vulnerability has been discovered in the KeePass password management software (v2.X), allowing an attacker to dump the master password from...
CommonMagic Malware Implants Linked to New CloudWizard Framework – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – The CommonMagic malware implant has been associated with a previously unknown advanced persistent threat campaign linked to the Russo-Ukrainian conflict and...
Experts Warn of Voice Cloning-as-a-Service – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Security experts are warning of surging threat actor interest in voice cloning-as-a-service (VCaaS) offerings on the dark web, designed to streamline...
Luxottica confirms 2021 data breach after info of 70M leaks online – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70...
Cybercrime gang pre-infects millions of Android devices with malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A large cybercrime enterprise tracked as the “Lemon Group” has reportedly pre-installed malware known as ‘Guerrilla’ on almost 9 million...
KeePass exploit helps retrieve cleartext master password, fix coming soon – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The popular KeePass password manager is vulnerable to extracting the master password from the application’s memory, allowing attackers who compromise...
Apple fixes three new zero-days exploited to hack iPhones, Macs – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. “Apple is aware...
Lemon Gang Pre-Infects 9 Million Android Devices With Malware – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Cristian Neagu Nearly 9 million Android-based smartphones, watches, TVs, and TV boxes have been infected with the “Guerrilla” malware, pre-installed on the...
Application Control 101: Definition, Features, Benefits, and Best Practices – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Mihaela Marian Application control is part and parcel of the larger cybersecurity landscape of access control, as outlined by the National Institute...
IOTW: Location data of two million customers exposed in Toyota data breach
A cloud misconfiguration in car manufacturer Toyota’s servers may have leaked sensitive information belonging to more than two million customers. The cloud misconfiguration meant that sensitive...
LockBit Leaks 1.5TB of Data Stolen From Indonesia’s BSI Bank – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Finance & Banking, Fraud Management & Cybercrime, Industry Specific Bank Syariah Indonesia Says Service Interruptions Were Maintenance Jayant Chakravarti...
Live Webinar | The Evolution of Software Supply Chain Attacks – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Brian Fox Co-founder and CTO, Sonatype Co-founder and CTO, Brian Fox is a Governing Board member for the Open Source Security Foundation,...
Ukraine’s Cyber Defense Success: Top Takeaways – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Experts Highlight the Importance of Preparation, Partnerships, Resilience Mathew J. Schwartz (euroinfosec)...
LIVE Webinar | Inside The State of Data Security: The Hard Truths – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Steven Stone Head of Rubrik Zero Labs, Rubrik Steven Stone leads Rubrik’s new data threat research unit to uncover real-world intrusions...
Cryptohack Roundup: Uranium Finance, LayerZero, MiCA – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Blockchain & Cryptocurrency, Cryptocurrency Fraud, Fraud Management & Cybercrime Also: Ledger Faces Backlash on Seed Phrase Recovery Solution Rashmi...
LIVE Webinar | Hackers Don’t Back Down, So You Need to Back Up: Data Security’s Hardest Truths – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Steven Stone Head of Rubrik Zero Labs, Rubrik Steven Stone leads Rubrik’s new data threat research unit to uncover real-world intrusions...
Breach Roundup: Philadelphia Inquirer – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Breach Notification, Fraud Management & Cybercrime, Incident & Breach Response Also: Swiss Multinational ABB, Lacroix, US DOT and Qilin...
French Privacy Watchdog Pledges Additional AI Oversight – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – General Data Protection Regulation (GDPR), Governance & Risk Management, Privacy CNIL Says ‘Privacy-Friendly’ AI Systems Are a Must Akshaya...
Accessibility should be a cybersecurity priority, says UK NCSC – Source: www.csoonline.com
Source: www.csoonline.com – Author: Cybersecurity training, controls, and requirements that are inaccessible, especially to those with disabilities, can make businesses less secure and more vulnerable to...
Critical remote code execution flaws patched in Cisco small business switches – Source: www.csoonline.com
Source: www.csoonline.com – Author: Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available. Cisco patched...
OX Security adds ChatGPT plugin for AppSec – Source: www.csoonline.com
Source: www.csoonline.com – Author: OX-GPT plugin promises natural-language security analysis for application security teams. OX Security, an application security vendor, now has a plugin for ChatGPT,...
Organizations reporting cyber resilience are hardly resilient: Study – Source: www.csoonline.com
Source: www.csoonline.com – Author: The study commissioned by Immersive Labs finds majority of cyber resilient companies lack tools to assess their resilience. While most organizations have...
5 useful search engines for internet‑connected devices and services – Source: www.welivesecurity.com
Source: www.welivesecurity.com – Author: Camilo Gutiérrez Amaya A roundup of some of the handiest tools that security professionals can use to search for and monitor devices...
Meet “AI”, your new colleague: could it expose your company’s secrets? – Source: www.welivesecurity.com
Source: www.welivesecurity.com – Author: Roman Cuprik Before rushing to embrace the LLM-powered hire, make sure your organization has safeguards in place to avoid putting its business...
Proofpoint Joins Joint Cyber Defense Collaborative – Source: www.proofpoint.com
Source: www.proofpoint.com – Public-private partnership will facilitate a holistic and synchronized approach to threat prevention, detection, and response SUNNYVALE, Calif., May 17, 2023 –...
Apple’s secret is out: 3 zero-days fixed, so be sure to patch now! – Source: nakedsecurity.sophos.com
Source: nakedsecurity.sophos.com – Author: Paul Ducklin Remember that zipped-lipped but super-fast update that Apple pushed out three weeks ago, on 2023-05-01? That update was the very...
S3 Ep135: Sysadmin by day, extortionist by night – Source: nakedsecurity.sophos.com
Source: nakedsecurity.sophos.com – Author: Paul Ducklin DOUG. Inside jobs, facial recognition, and the “S” in “IoT” still stands for “security”. All that, and more, on the Naked...