Proton launches free, privacy-focused Google Docs alternative

July 3, 2024 at 06:53AM Proton unveiled ‘Docs in Proton Drive,’ an encrypted web-based document collaboration tool. The Swiss company, known for privacy-focused services, including Proton VPN and Proton Mail, transitioned to a non-profit organization. Proton Docs offers end-to-end encryption, secure image embedding, open-source code, and real-time collaboration. It integrates seamlessly with other Proton products, … Read more

Meta’s ‘Pay or Consent’ Approach Faces E.U. Competition Rules Scrutiny

July 2, 2024 at 02:08AM Meta’s ad-free subscription plan in the EU faces scrutiny for allegedly breaching competition rules. The European Commission claims the “pay or consent” model violates the Digital Markets Act by not offering an equivalent non-personalized alternative. Meta’s stance could lead to hefty fines and ongoing discussions with regulators. Grindr also faces … Read more

Papua New Guinea Sets High Bar in Data Security

July 1, 2024 at 07:08PM In a time of sophisticated cyber threats, protecting sensitive data is standard. Papua New Guinea (PNG) stands out by embracing proactive cybersecurity measures, including a comprehensive National Data Protection and Governance Policy. PNG’s strategy emphasizes responsible data sharing, establishes clear guidelines, and aligns with international standards, demonstrating its commitment to … Read more

Meet Brain Cipher — The new ransomware behind Indonesia’s data center attack

June 29, 2024 at 11:02AM Brain Cipher, a new ransomware operation, has targeted organizations globally. In a recent high-profile attack on Indonesia’s temporary National Data Center, over 200 government agencies were disrupted. The ransomware demanded $8 million in Monero cryptocurrency and threatened to leak allegedly stolen data. Brain Cipher also launched a data leak site … Read more

Unlock the future of security

June 28, 2024 at 11:05AM Join the exclusive webinar “The New Meaning of Identity Security” by industry experts on July 17 at 9am PT / 12pm ET / 5 pm BST. Discover innovative strategies, best practices, and real-world case studies to enhance your organization’s security posture. Register now to stay ahead of the curve and … Read more

New SnailLoad Attack Exploits Network Latency to Spy on Users’ Web Activities

June 28, 2024 at 06:45AM Security researchers from Graz University of Technology have revealed a new side-channel attack, SnailLoad, capable of remotely inferring a user’s web activity. By exploiting network latency, the attack allows attackers to deduce websites visited or videos watched without needing to be in physical proximity to the victim’s Wi-Fi connection. Additionally, … Read more

Your Phone’s 5G Connection is Vulnerable to Bypass, DoS Attacks

June 27, 2024 at 01:13PM Wireless service providers prioritize uptime and lag time, sometimes compromising security. This can enable attackers to exploit vulnerabilities, resulting in data theft and other serious consequences. Based on the meeting notes, the key takeaway is that wireless service providers prioritize uptime and lag time, sometimes at the expense of security, … Read more

Neiman Marcus Customers Impacted by Snowflake Data Breach

June 26, 2024 at 01:41PM Neiman Marcus confirmed data theft affecting 65,000 customers through attacks on Snowflake. “Sp1d3r” sold personal data for $150,000. Over 70 million transactions, 50 million emails, and 12 million gift card numbers were for sale. UNC5537 accessed accounts using valid credentials due to lack of multifactor authentication, impacting 165 organizations. Strengthening … Read more

New MOVEit Transfer Vulnerability Under Active Exploitation – Patch ASAP!

June 26, 2024 at 11:21AM A critical security flaw CVE-2024-5806 impacting Progress Software MOVEit Transfer enables attackers to bypass SFTP authentication, with exploitation attempts already reported. Researchers emphasize risks and urge immediate action, including patching and restricting server access. The flaw affects numerous systems worldwide, making prompt updates essential. CISA also disclosed a recent cybersecurity … Read more

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

June 26, 2024 at 08:08AM The P2Pinfect worm, originally targeting Redis servers, has been modified to include ransomware and cryptocurrency mining payloads. This new update poses a heightened threat to Redis servers. This update was reported by SecurityWeek. Based on the meeting notes, the key takeaways are: – The P2Pinfect worm, previously targeting Redis servers, … Read more