Recent Security News
-
FTC orders Intuit to stop pushing “free” software that isn’t really free
January 22, 2024 at 04:42PM The FTC ordered Intuit to stop promoting its software as “free” unless it’s truly free for all consumers, following a deceptive advertising campaign for TurboTax. The order prohibits misleading ads and requires clear disclosure of eligibility and terms for free products. Intuit is also barred from providing false information about…
-
North Korea’s ScarCruft Attackers Gear Up to Target Cybersecurity Pros
January 22, 2024 at 03:46PM ScarCruft, a North Korea-sponsored APT group, is preparing for targeted cyberattacks on threat intelligence professionals. They aim to steal nonpublic threat intel and enhance their offensive tactics. The innovative campaign involves using lure related to the Kimsuky APT group to target cybersecurity professionals, and the group is refining their malicious…
-
German IT Consultant Fined Thousands for Reporting Security Failing
January 22, 2024 at 03:31PM A security researcher in Germany was fined €3,000 for reporting a vulnerability in an e-commerce database that put customer information at risk. Modern Solution GmbH downplayed the data exposure, leading to a legal battle. Hendrik H. was initially vindicated by the District Court but was eventually fined and is planning…
-
Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation
January 22, 2024 at 03:24PM Apple has released iOS 17.3 and macOS Sonoma 14.3 updates to address 16 vulnerabilities including WebKit flaws exploited in zero-day attacks. Apple warns of code execution, denial-of-service, and data exposure threats and suspects recent exploitation. The updates also fix security issues in several other components. Apple hasn’t provided technical details…