Source: securityboulevard.com – Author: Richi Jennings Thinly veiled attempt to track you and make more ad money. Google’s proposed new web protocol has the effect of...
Author: Richi Jennings
‘China’ Azure Breach: MUCH Worse Than Microsoft Said – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Satya and Pooh, Sitting in a Tree, K.I.S.S.I.N.G. The nasty hack ‘by China’ I covered 11 days ago is even...
Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings European cousins Intellexa and Cytrox essentially banned by Commerce Dept. The U.S. Commerce Department now has a “presumption of denial”...
EU-US data transfers back in hotseat: Security of user data adds to privacy concerns – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings The Europeans say a new agreement with the U.S. means it’s OK to transfer data westwards again. Two previous decisions had...
StackRot: Linux Bug so bad Linus Dives Into Code to Fix It – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Torvalds feels the pressure, fixes lazy locks. A critical vulnerability in the Linux kernel caused Linus Torvalds (pictured) to get...
Contec SolarView: Critical Bug Unpatched After 14 MONTHS – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings 9.8 CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems. An “easily exploited, yet critical” vulnerability in...
Fortinet Bug: RUN — Don’t Walk — to Patch Critical RCE – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Or just get it off the internet, stat. Fortinet FortiOS security devices have yet another nasty bug. Is your shop...
Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings MITRE has published this year’s list of vulnerability categories. The list of the top 25 types from the Common Weakness Enumeration (CWE) system...
‘Wagner Mercenary’ Hackers Destroy Russian Satellite Comms – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Dozor-Teleport hack, vandalism and data breach. But is it a Ukrainian false flag op? Russian satellite communications provider Dozor-Teleport has...
Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Content warning: Abuse, stalking, controlling behavior. LetMeSpy is a hacking tool used for stalking and spying on spouses, although its...
GDPR FAIL: US Firm ‘Profiles Half the World’ — it’s Max Schrems Again – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings NYOB accuses TeleSign, Proximus and BICS of misusing phone users’ private data. A web of U.S. and Belgian companies secretly...
Microsoft Repeatedly Burned in ‘Layer 7’ DDoS – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Time and again this month, “Russian” hackers bring down Microsoft clouds. Microsoft confirms that a group pretending to be hacktivists...
Reddit Ransomware Raid Redux: BlackCat/ALPHV Demands $4.5M – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings John-Oliver-pics protest won’t change Reddit policy, but will ransom demand work? The BlackCat ransomware crew wants Reddit to pay up,...
CISA Warning: MOVEit Has Yet Another Zero-Day SQL Injection RCE Bug – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Hundreds of government agencies and companies breached in US alone. Now there’s a third SQLi flaw in MOVEit—and it’s being...
Your Personal Data Sold to US Intelligence Agencies – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Warrant not needed if info bought from brokers. An 18-month-old secret report—recently declassified—“raises significant issues related to privacy and civil...
What a Mess: Barracuda Swaps Countless Appliances — Malware Can’t be Removed – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Patching alone won’t cut it. Barracuda Networks is on the hook to exchange thousands of email security appliances. An unknown...
Pics AND it Didn’t Happen: Sex Deepfake FBI Alert – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Sextortionists stealing your innocent pictures to make AI nudes. The Federal Bureau of Investigation is warning of an uptick in...
Chrome Extensions Warning — Millions of Users Infected – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Perhaps as many as 87 million victims—maybe more. Google is under fire yet again for the lax way it manages...
‘Predator’ — Nasty Android Spyware Revealed – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Intellexa’s ‘mercenary spyware’ chains five unpatched bugs. Malware used by nation-states to target journalists, activists and opposition pols has been...
COSMICENERGY: ‘Russian’ Threat to Power Grids ICS/OT – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Shouty name—dangerous game. Red-team tool ripe for misuse. Researchers have discovered new malware that disrupts electricity grids. The sophisticated threat,...
‘BrutePrint’ Unlocks Android Phones — Chinese Researchers – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Or, at least, older phones. Researchers have found a brace of zero days that allow them to unlock Android phones...
PyPI paused as automated attack overwhelms admins – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings PyPI came under attack from bots at the weekend. Bad actors were trying to submit malicious packages with names similar to...
Facebook Fined $1.3B — Zuckerberg Furious in GDPR Fight – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings No legal way to move Europeans’ data to the US since 2015. Cloud industry better take note. Europe has finally...
Google Chrome 3rd Party Cookies Crumbling — Finally! – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Privacy Sandbox inching towards reality. But concerns remain. Google’s plan to kill the third party cookie is moving forward. Remember...
TSA Facial Recognition Pilot Flies Solo at U.S. Airports – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Prepare to have your face scanned at airport security. Although facial verification might be a better way to describe it....
Knives Out for TikTok as Journo Reveals her Spy Story – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings FT’s Criddle claims ByteDance spied on her—because she wrote damaging stories about TikTok. A technology reporter says she was “surveilled”...
Dallas Reels from Royal Ransomware Raid – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings Police, 911, courts and other city services staggering to recover. The city of Dallas is still partially paralyzed from Monday’s...
SolarWinds hack: Did DoJ know 6 months earlier? – Source: securityboulevard.com
Source: securityboulevard.com – Author: Richi Jennings What did the U.S. Justice Department know about the SolarWinds fiasco? How early did it find out? And who did it...