May 8, 2024 at 12:08PM CISA director Jen Easterly stressed the need to improve software security to combat ransomware attacks in critical infrastructure. She urged collective efforts and highlighted the government’s role in pushing for more secure technology. Chris Krebs emphasized the potential levers to enhance technology security, including voluntary efforts, litigation, regulatory action, and … Read more
May 4, 2024 at 02:03PM Dating apps harvest excessive personal data from users, with poor privacy protection. Mozilla’s research flagged 22 out of 25 popular dating apps for privacy concerns. This includes gathering sensitive information like HIV status, and sharing user data for advertising. Many apps also plan to integrate AI, raising further privacy issues. … Read more
April 23, 2024 at 04:34AM A UK-based company, VISAV, fixed a bug in its Neighbourhood Alert platform following a report of a security issue. The bug had allowed unverified users to access personal data of registered members, including police officers and MPs. Once aware, the company promptly rectified the issue and reported itself to the … Read more
April 22, 2024 at 10:45AM SafeBreach security researcher Shmuel Cohen demonstrated how endpoint detection and response (EDR) solutions, such as Palo Alto Networks’ Cortex XDR, could be manipulated into malicious offensive tools. Cohen identified weaknesses, allowing an attacker to deploy ransomware, elevate privileges, and remain undetected. Palo Alto Networks addressed these issues with automatic content … Read more
April 18, 2024 at 05:57AM A global law enforcement operation disrupted the LabHost phishing platform, leading to the arrest of 37 suspects, including the original developer. LabHost, launched in 2021, offered phishing tools and infrastructure, with a popular feature called LabRat. The operation involved 19 countries and private sector partners and resulted in the seizure … Read more
April 18, 2024 at 04:03AM Cybercrime experts surveyed reveal expected leaders Russia, Ukraine, and China as top cybercrime-producing nations, along with surprising results. Based on the meeting notes, the clear takeaway is that the top cybercrime-producing nations, according to a survey of experts, include expected leaders Russia, Ukraine, and China, as well as some surprises. … Read more
April 12, 2024 at 04:31PM Google is discontinuing its VPN service for Google One subscribers and Pixel smartphone owners, with the VPN set to be taken offline later this year due to low demand. The service, introduced in 2020, will still be available to Pixel 7 and newer phone owners. The decision aligns with Google’s … Read more
April 11, 2024 at 10:20AM Apple has warned iPhone users in 92 countries of a “mercenary spyware attack” attempting to compromise their devices remotely. It advises taking immediate action, including enabling lockdown mode and updating software. These sophisticated attacks often target journalists, activists, and politicians. Apple is actively notifying and assisting users in response to … Read more
April 2, 2024 at 12:36AM Common Good Cyber is a global consortium that brings together nonprofit, private sector, and government organizations to support initiatives dedicated to securing the Internet infrastructure. Based on the meeting notes, it appears that Common Good Cyber is a global consortium that connects nonprofit, private sector, and government organizations. The consortium’s … Read more
March 28, 2024 at 04:15AM MIT study finds 98% of students willing to share friends’ emails for free pizza, highlighting privacy paradox. Telegram’s new P2PL feature offers free premium membership in exchange for using users’ phone numbers for OTP relay. Users cautioned about privacy risks, spam, unwanted contacts. Meta accused of intercepting Snapchat traffic for … Read more