Top

Category: Security


Cloud security, Security

Break-in at ‘third-party cloud platform’ leaked 110M customer records, says AT&T

July 12, 2024

Via: The Register

AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was big you haven’t seen anything: This one includes data on “nearly all” AT&T wireless customers […]


Privacy protection, Security

Privacy expert put away for 9 years after ‘grotesque’ cyberstalking campaign

July 11, 2024

Via: The Register

A scumbag who used to work as a privacy consultant has been put behind bars for nine years for a “grotesque” cyberstalking campaign against more than a dozen victims. Sumit Garg, 33, of Seattle, was indicted [PDF] in March 2021 […]


Access control, Security

Google removes enrollment barrier for prospective Advanced Protection Program users

July 10, 2024

Via: Help Net Security

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option […]


Access control, Security

Selfie-based authentication raises eyebrows among infosec experts

July 8, 2024

Via: The Register

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]


Network security, Security

Ensuring Data Security in Global Talent Outsourcing: Strategies for Mitigating Risks

July 3, 2024

Via: SecureWorld

Organizations increasingly rely on global talent outsourcing to bolster their cybersecurity capabilities. By tapping into a vast pool of skilled professionals worldwide, companies can address skill shortages, optimize costs, and gain access to specialized expertise. However, this trend also introduces […]


Network security, Security

Popular VPN ditches credential logins for Android

July 3, 2024

Via: TechRadar

If you’re an Android user, there’s good news for you: you no longer need to create an account to use Proton VPN – one of the best VPN services on the market. After a successful beta version launched earlier in […]


Network security, Security

Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk

July 1, 2024

Via: The Register

Glibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH’s server (sshd) and should upgrade to the latest version. Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could […]


Network security, Security

Polyfill.io claims reveal new cracks in supply chain, but how deep do they go?

July 1, 2024

Via: The Register

Libraries. Hushed temples to the civilizing power of knowledge, or launchpads of global destruction? Yep, another word tech has borrowed and debased. Code libraries are essential for adding just the right standard tested functionality to a project. They’re also a […]


Network security, Security

Meta, Microsoft SQL Server make strange bedfellows on a couch of cyber-pain

June 24, 2024

Via: The Register

When two stories from opposite ends of the IT universe boil down to the same thing, sound the klaxons. At the uber-fashionable AI end of tech, Meta has grudgingly complied with a ruling not to feed European social media crap […]


Cloud security, Security

Oracle Ads have had it: $2B operation shuts down after dwindling to $300M

June 14, 2024

Via: The Register

Oracle Advertising is shutting down, CEO Safra Catz said during the database goliath’s fiscal 2024 Q4 earnings call with Wall Street this week. “…in Q4, we decided to exit the advertising business, which had declined to about $300 million in […]


Privacy protection, Security

The legal and ethical implications of sharing the web with bots

June 11, 2024

Via: TechRadar

Bots have rapidly evolved over the years, and with the new era of Artificial Intelligence (AI), they continue progressing. A report shows that in 2022, 47.4% of all internet traffic came from bots. This is a 5.1% increase over the […]


Access control, Security

Snowflake tells customers to enable MFA as investigations continue

June 10, 2024

Via: The Register

Cloud data analytics platform Snowflake said it is going to begin forcing customers to implement multi-factor authentication to prevent more intrusions. The move comes in response to an incident discovered late last month by analysts at Hudson Rock, which saw […]


Network security, Security

26% of organizations lack any form of IT security training

June 7, 2024

Via: Help Net Security

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular […]


Cloud security, Security

The growing dichotomy of AI-powered code in cloud-native security

June 3, 2024

Via: CSO Online

AI-generated code promises to reshape cloud-native application development practices, offering unparalleled efficiency gains and fostering innovation at unprecedented levels. However, amidst the allure of newfound technology lies a profound duality—the stark contrast between the benefits of AI-driven software development and […]


Network security, Security

Take two APIs and call me in the morning: How healthcare research can cure cyber crime

May 28, 2024

Via: The Register

Some ideas work better than others. Take DARPA, the US Defense Advanced Research Projects Agency. Launched by US President Dwight Eisenhower in 1957 response to Sputnik, its job is to create and test concepts that may be useful in thwarting […]


Privacy protection, Security

Windows Recall — a ‘privacy nightmare’?

May 24, 2024

Via: Computerworld

Windows Recall, the new feature that records a user’s screen at regular intervals, has been labelled a “privacy nightmare” due to potential data privacy and security risks. Microsoft announced the generative AI-based tool on Monday; it records “snapshots” of a […]


Privacy protection, Security

EU probes Meta over its provisions for protecting children

May 16, 2024

Via: The Register

The European Commission has opened formal proceedings to assess whether Meta, the provider of Facebook and Instagram, may have breached the Digital Services Act (DSA) in areas linked to the protection of minors. The action follows a separate probe into […]


Network security, Security

Improving cyber defense with open source SIEM and XDR

May 15, 2024

Via: The Register

A cyber defense strategy outlines policies, procedures, and technologies to prevent, detect, and respond to cyber attacks. This helps avoid financial loss, reputational damage, and legal repercussions. Developing a cyber defense strategy involves evaluating business risks, implementing security controls and […]


Privacy protection, Security

Google, Apple gear to raise tracking tag stalker alarm

May 14, 2024

Via: The Register

Google and Apple are rolling out an anti-stalking feature for Android 6.0+ and iOS 17.5 that will issue an alert if some scumbag is using a gadget like an AirTag or similar to clandestinely track the user. Basically, if someone […]


Application security, Security

97% of security leaders have increased SaaS security budgets

May 3, 2024

Via: Help Net Security

58% of the organizations were affected by a SaaS security incident in the last 18 months, according to Valence Security’s 2024 State of SaaS Security Report. Likely, as a result, 96% security leaders have made SaaS security a top priority […]