On Thursday, Apple urgently issued security patches for iOS, iPadOS, macOS, and watchOS. These updates were released in response to the exploitation of two previously unknown vulnerabilities in the wild. These flaws were utilized to deploy NSO Group’s Pegasus spyware,…
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said,…
China Unleashes AI-Powered Image Generation For Influence Operations
The findings come from a new report released by Microsoft Threat Analysis Center on Thursday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China Unleashes AI-Powered Image Generation For Influence Operations
Polish Senate says use of government spyware is illegal in the country
A special commission within Poland’s Senate concluded that the government’s use of spyware, like the one made by NSO Group, is illegal. The commission announced on Thursday the conclusion of its 18-month investigation into allegations that the Polish government used…
6 stages of the ransomware lifecycle
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Resources and Information from TechTarget Read the original article: 6 stages of the ransomware lifecycle
Trickbot, Conti Sanctions Affect Top Cybercrime Brass
US Treasury officials said the sanctions move is part of its effort to combat Russian state-sponsored cybercrime. This article has been indexed from Dark Reading Read the original article: Trickbot, Conti Sanctions Affect Top Cybercrime Brass
Kenya Initiates Public Sector Digital Skills Training, No Mention of Cybersecurity
Training will cover cloud skills and working in a paperless environment, but any mention of a cybersecurity element is conspicuously lacking. This article has been indexed from Dark Reading Read the original article: Kenya Initiates Public Sector Digital Skills Training,…
Biometrics in law enforcement
How biometrics can help to make our world a safer place We’ve recently been exploring biometric technologies on this blog and how they have become a part of our everyday lives, helping us to move, travel and pay more seamlessly.…
The SEC demands more transparency about Cybersecurity incidents in public companies
The Securities and Exchange Commission (SEC) has introduced a new rule for public companies that requires them to be more transparent about cybersecurity incidents. The new rule requires companies to disclose any material cybersecurity incidents within four business days of…
Cyber-criminals Exploit GPUs in Graphic Design Software
Cisco Talos reported that the campaign has been active since at least November 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-criminals Exploit GPUs in Graphic Design Software
UK Military Data Breach via Outdated Windows 7 System
A Windows 7 machine belonging to a high-security fencing company was the stunning weak link in a shocking cybersecurity incident that exposed vital military data. This hack not only underlines the need for organizations, including those that don’t seem to…
Dallas Ransomware Attack: Hackers Steal 800K City Files
Hackers who targeted the City of Dallas in the alleged ransomware attack have stolen nearly 1.2 terabytes of data, which equals a sum of 819,000 files, reports City officials. City’s Chief Information Officer Bill Zielinski describes that the threat actors…
Tesla data breach lawsuit and Johnson and Johnson data breach details
About three weeks ago, Tesla found itself in the throes of a data breach when two former employees allegedly exposed the company’s confidential information to external parties. In a recent development, a former Tesla staff member has initiated legal action…
Google TAG Exposes North Korean Campaign Targeting Researchers
The team has discovered the exploitation of at least one zero-day flaw in the last few weeks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google TAG Exposes North Korean Campaign Targeting Researchers
How to Protect Your Personal Financial Information from Data Brokers
In today’s digital age, personal information is a hot commodity. Data brokers buy and sell this information, often without our knowledge or consent. This can include sensitive financial information, which can be used for identity theft or other fraudulent activities.…
UK’s Nuclear Submarine Base Faces Unprecedented Threats: Russia Implicated in Shocking Incidents
A Russian-linked group of hackers, which has reportedly obtained hundreds of pages of information about critical sites such as HMNB Clyde, which houses the UK’s nuclear weapons arsenal, is believed to have targeted the nuclear weapons arsenal at the…
Apple And ARM Sign Long-Term Chip Deal
Apple has struck a deal with ARM through 2040 and “beyond,” to allow iPhone giant access to the British chip designs This article has been indexed from Silicon UK Read the original article: Apple And ARM Sign Long-Term Chip Deal
Cisco BroadWorks Is Affected by a Critical-Severity Vulnerability
The Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform are both affected by a serious vulnerability that might allow remote attackers to counterfeit credentials and bypass authentication. Cisco BroadWorks is a cloud communication services platform used by…
In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach
Noteworthy stories that might have slipped under the radar: LastPass vault hacking, Russia targets energy facility in Ukraine, NXP data breach. The post In Other News: LastPass Vault Hacking, Russia Targets Ukraine Energy Facility, NXP Breach appeared first on SecurityWeek.…
New Phishing Campaign Launched via Google Looker Studio
Check Point has observed a wave of phishing attacks launched via Google Looker Studio to steal credentials and funds from intended victims. The post New Phishing Campaign Launched via Google Looker Studio appeared first on SecurityWeek. This article has been…
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks
Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks. The post Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks appeared first on SecurityWeek. This article has…
Emerging threats: Adapting cyber defense to the changing landscape
As we step further into 2023, the digital world presents us with new cybersecurity challenges that can’t be ignored. Ransomware continues to evolve with smarter tactics. Cloud security, once deemed robust, faces fresh vulnerabilities as more businesses transition online. And…
PallyCon DRM License Cipher protects users against software-level DRM vulnerabilities
PallyCon has introduced a new feature called PallyCon DRM License Cipher, designed to address vulnerabilities in software-level DRM solutions. In today’s digital era, the protection of digital content is more crucial than ever. Digital Rights Management (DRM) systems stand as…
Warning: RocketMQ Vulnerability Actively Exploited by Threat Actors
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a new critical-severity vulnerability to its KEV catalog. The issue is tracked as CVE-2023-33246 and it affects Apache’s RocketMQ distributed messaging and streaming platform. Exploiting the vulnerability is possible without authentication…