From bleepingcomputer.com
FCC orders telecoms to secure their networks after Salt Tyhpoon hacks
10 10
The Federal Communications Commission (FCC) has ordered U.S. telecommunications carriers to secure their networks following last year's Salt Typhoon security breaches.
#cysec #infosec #BleepingComputer #security
9h ago
From bleepingcomputer.com
Microsoft starts force upgrading Windows 11 22H2, 23H3 devices
9 9
Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2.
#cysec #forced #update #ceptbiro #security #cybersecurity #BleepingComputer #infosec #Windows11 #microsoft
10h ago
From bleepingcomputer.com
FTC orders GoDaddy to fix poor web hosting security practices
9 9
The Federal Trade Commission (FTC) will require web hosting giant GoDaddy to implement basic security protections, including HTTPS APIs and mandatory multi-factor authentication, to settle charges that it failed to secure its hosting services against attacks since 2018.
#News #tech #cysec #secops #privacy #business #Technology #BleepingComputer #godaddy #infosec
12h ago
From bleepingcomputer.com
LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks
9 9
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.
#cysec #litespeed #wordpress #prattohome #cybersecurity #infosec #BleepingComputer #security
on Sep 5
From bleepingcomputer.com
Otelier data breach exposes info, hotel reservations of millions
8 8
Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt.
#cysec #infosec #BleepingComputer #security
5h ago
From bleepingcomputer.com
Russian military hackers linked to critical infrastructure attacks
8 8
The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).
#cysec #infosec #StopPutin #sendthef16s #ArmUkraineNow #BleepingComputer #security
on Sep 5
From bleepingcomputer.com
FTC cracks down on Genshin Impact gacha loot box practices
7 7
Genshin Impact developer Cognosphere (aka Hoyoverse) has agreed to a $20 million settlement with the U.S. Federal Trade Commission (FTC) over its gacha loot box monetization and is now banned from selling them to teens under the age of sixteen without parental consent.
#cysec #infosec #BleepingComputer #gaming #government
3h ago
From bleepingcomputer.com
Malicious PyPi package steals Discord auth tokens from devs
7 7
A malicious package named 'pycord-self' on the Python package index (PyPI) targets Discord developers to steal authentication tokens and plant a backdoor for remote control over the system.
#cysec #infosec #BleepingComputer #security
6h ago
From bleepingcomputer.com
Microsoft fixes Office 365 apps crashing on Windows Server systems
7 7
Microsoft has fixed a known issue that caused Microsoft 365 applications and Classic Outlook to crash on Windows Server 2016 or Windows Server 2019 systems.
#cysec #ceptbiro #security #cybersecurity #office365apps #BleepingComputer #windowsserversystems #infosec #microsoft
8h ago
From bleepingcomputer.com
Microsoft removes revenge porn from Bing search using new tool
7 7
Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media.
#cysec #infosec #prattohome #security #Technology #BleepingComputer #artificialintelligence
on Sep 5
From thehackernews.com
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
7 7
Veeam releases updates fixing 18 security flaws, including critical remote code execution vulnerabilities. Users urged to update software to prevent p
#it #cysec #privacy #hackernews #News #infosec #cybersecurity
on Sep 5
From bleepingcomputer.com
US sanctions Chinese firm, hacker behind telecom and Treasury hacks
6 6
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group.
#cysec #infosec #BleepingComputer #legal #security
8h ago
From bleepingcomputer.com
Apache fixes critical OFBiz remote code execution vulnerability
6 6
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
#cysec #infosec #BleepingComputer #security
on Sep 5
From thehackernews.com
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution
4 4
Apache OFBiz vulnerability CVE-2024-45195 patched, preventing unauthenticated remote code execution on Linux and Windows.
#News #cysec #privacy #hackernews #infosec #cybersecurity
on Sep 6
From thehackernews.com
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress
3 3
WordPress LiteSpeed Cache plugin vulnerability could allow unauthenticated account takeover. Update now to fix the issue.
#it #News #cysec #infosec #hackernews #cybersecurity
on Sep 6
From darkreading.com
Has the TikTok Ban Already Backfired on US Cybersecurity?
2 2
The Supreme Court has affirmed TikTok's ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns.
3h ago
From thecyberwire.com
2 2
The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulnerability in its...
#News #cysec #infosec #cyberwire #cybersecurity
3h ago
From darkreading.com
Employees Enter Sensitive Data Into GenAI Prompts Too Often
2 2
The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises.
4h ago
From darkreading.com
US Sanctions Chinese Hacker for Treasury Breach
2 2
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon.
4h ago
From darkreading.com
15K Fortinet Device Configs Leaked to the Dark Web
2 2
The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully.
4h ago
From thecyberwire.com
US Treasury sanctions entities tied to North Korea's fake IT worker operations.
2 2
Biden Administration won't enforce TikTok ban. Russia's Star Blizzard targets WhatsApp accounts.
#News #cysec #infosec #cyberwire #cybersecurity
8h ago
From thecyberwire.com
Zuckerberg, TikTok, and Treadmills That Sniff
2 2
Welcome back to The FAIK Files! When tech gets weird, we're here to help make sense of it all. This week, we’re tackling: -Meta’s latest moves—from layoffs to fact-checker cuts and a "Community Notes" pivot. -The TikTok vs. U.S. showdown, its ripple effects, and why users are flocking to...
#cysec #infosec #cyberwire #HumanFactors #cybersecurity
9h ago
From darkreading.com
Using Behavioral Insights to Counter LLM-Enabled Hacking
2 2
As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.
10h ago
From csoonline.com
DORA-Umsetzung hält Banken-CISOs auf Trab
2 2
Die Frist für die Umsetzung der EU-Verordnung DORA ist abgelaufen. Doch wie weit sind die Finanzdienstleister?
#cso #cysec #cybersecurity #artificialintelligence
11h ago
From csoonline.com
Poor patching regime is opening businesses to serious problems
2 2
About 70% of organizations did not regularly patch flaws in their internet-facing systems, according to an S&P Global Ratings report.
#cso #cysec #security #cybersecurity #vulnerabilities
13h ago
From csoonline.com
EU’s DORA could further strain cybersecurity skills gap
2 2
As the EU’s Digital Operational Resilience Act comes into force, financial sector firms, especially smaller ones, may face resources constraints, adding pressure on security talent markets.
#cso #cysec #security #compliance #regulation #cybersecurity #financialservicesindustry
19h ago
From csoonline.com
2 2
Kein Cyberangriff ohne Payload. Doch was genau meint der Begriff, welche Arten gibt es und wie lassen sich böswillige Nutzlasten erkennen und bekämpfen?
#cso #cysec #cybersecurity #riskmanagement
21h ago
From darkreading.com
Russian APT Phishes Kazakh Gov't for Strategic Intel
2 2
A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.
21h ago
From csoonline.com
Millions of tunneling hosts are vulnerable to spoofing, DDoS attacks, say researchers
2 2
The solution: Use IPsec and similar security protocols to protect against exploitation by threat actors.
#cso #cysec #cybersecurity #authentication #vulnerabilities #internetsecurity
21h ago
From thecyberwire.com
U.S. rains on Russia’s fake news parade.
2 2
The DOJ disrupts Russia’s Doppelganger. NSA boasts over 1,000 public and private partners. The FBI warns of North Korean operatives launching “complex and elaborate” social engineering attacks. Iran pays the ransom to sure up their banking system. Cisco has disclosed two critical vulnerabilities...
#News #cysec #infosec #cyberwire #cybersecurity
on Sep 5
From darkreading.com
Biden Files Charges Against Russian Election Meddlers
2 2
Working with the Treasury and Justice departments, the president has sanctioned anti-democratic Russian adversaries.
on Sep 5
From thecyberwire.com
UK pivots on its AI strategy by significantly cutting funding investments.
2 2
Research finds that China is growing its social media influence operations ahead of the US election.
#News #cysec #infosec #cyberwire #cybersecurity
on Sep 5
From cybersecurity-insiders.com
Microsoft exposes WhatsApp Spear Phishing Campaign of Star Blizzard - Cybersecurity Insiders
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
10h ago
From cybersecurity-insiders.com
State of Network Threat Detection 2024 Report - Cybersecurity Insiders
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
16h ago
From cybersecurity-insiders.com
How Video-Based Training Drives Compliance in Cybersecurity Policies - Cybersecurity Insiders
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
19h ago
From cybersecurity-insiders.com
NSA issues warning to iPhone users on data security - Cybersecurity Insiders
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
19h ago
From cybersecurity-insiders.com
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
on Sep 6
From cybersecurity-insiders.com
Identity verification: The key to the security of sporting events - Cybersecurity Insiders
1 1
AI is evolving at a rapid pace, and the uptake of Generative AI (GenAI) is revolutionising the way humans interact and leverage this technology. GenAI is
#cysec #infosec #insiders #cybersecurity
on Sep 6
From darkreading.com
What is the Shared Fate Model?
1 1
New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared responsibility framework. That's where "shared fate" comes in.
on Sep 6
From darkreading.com
Malvertising Campaign Phishes Lowe's Employees
1 1
Retail employees are being duped into divulging their credentials by typosquatting malvertisements.
on Sep 5
From csoonline.com
Boost security and control at every stage of the cloud application lifecycle
1 1
From complexity to proficiency: How CNAPP transforms cloud security across the application lifecycle.
on Sep 5
From darkreading.com
China's 'Earth Lusca' Propagates Multiplatform Backdoor
1 1
The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.
on Sep 5
From darkreading.com
Chinese 'Tropic Trooper' APT Targets Mideast Governments
1 1
In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically to entities that publish human rights studies.
on Sep 5