What is PIPEDA? The Personal Information Protection and Electronic Documents Act (PIPEDA) is Canada’s main privacy law for businesses. It sets out the rules for how companies should collect, use, and share personal information in a way that respects individuals’…
Category: EN
German Police Shutter 47 Criminal Crypto Exchanges
Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter 47 Criminal Crypto Exchanges
Phishing links with @ sign and the need for effective security awareness building, (Mon, Sep 23rd)
While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it was untypically sophisticated or…
Qualcomm ‘Offers To Buy Intel’
Mobile chip giant Qualcomm approached Intel with an acquisition offer in recent days, Wall Street Journal reports This article has been indexed from Silicon UK Read the original article: Qualcomm ‘Offers To Buy Intel’
FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code
FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor. This vulnerability, CVE-2024-41721, could allow attackers to execute malicious code on the host system. The advisory, which was announced on September 19, 2024, credits Synacktiv with…
macOS Sequoia Update Breaks Multiple Security Tools
Apple’s latest operating system update, macOS 15, also known as Sequoia, has disrupted the functionality of several prominent security tools. Users and developers have taken to social media and Mac-focused Slack channels to express their frustration over the issues caused…
A week in security (September 16 – September 22)
A list of topics we covered in the week of September 16 to September 22 of 2024 This article has been indexed from Malwarebytes Read the original article: A week in security (September 16 – September 22)
Privacy and API security: What’s at stake?
APIs (Application Programming Interface) have assumed an indispensable role in the digital space, facilitating seamless communication and data exchange between an array of software applications and services. They underpin our daily interactions, from ordering meals through food delivery apps to…
Move over, Cobalt Strike. Splinter’s the new post-exploit menace in town
No malware crew linked to this latest red-teaming tool yet Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims’ IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service…
New PondRAT Malware Hidden in Python Packages Targets Software Developers
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit…
Google Chrome gets rid of Password menace
Passwords are essential for protecting online accounts from compromise, misuse, or deletion. However, remembering and entering them each time you log in can be quite a hassle. To streamline this process, Google has introduced a passwordless method using passkeys for…
Benefits of Data Protection and GDPR Compliance for Businesses
In today’s digital era, data protection and compliance with the General Data Protection Regulation (GDPR) are not just legal requirements; they are vital for business success. Here’s how businesses can benefit from prioritizing data protection and adhering to GDPR. 1.…
Hacktivist group Twelve is back and targets Russian entities
Hacktivist group Twelve is back and targets Russian entities to destroy critical assets and disrupt their operations. The hacktivist group Twelve has been active since at least April 2023, it was formed in the wake of the conflict between Russia…
Analysis of ENISA’s 2024 Threat Landscape Report: Key Takeaways and Implications
The European Union Agency for Cybersecurity (ENISA) has released its annual Threat Landscape report for 2024, providing crucial insights into the evolving cybersecurity challenges facing the EU. Here are the key takeaways: Prime Threats Remain Consistent Denial of Service (DDoS)…
Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which…
Tor browser anonymity cracked by German police: Cyber Security Today for Monday, September 23, 2024
Security Risks with Apple’s OS Update, Disney Ditches Slack, and GitHub Hack Alert In this episode of Cyber Security Today, host Jim Love discusses pressing issues in the cybersecurity landscape: Apple’s latest macOS update, Sequoia version 15, causing compatibility issues…
Certainly: Open-source offensive security toolkit
Certainly is an open-source offensive security toolkit designed to capture extensive traffic across various network protocols in bit-flip and typosquatting scenarios. Built-in protocols: DNS, HTTP(S), IMAP(S), SMTP(S). “The reason why we created Certainly was to simplify the process of capturing…
GameVN – 1,369,485 breached accounts
In May 2016, the Vietnamese gaming forum GameVN suffered a data breach that was later redistributed as part of a larger corpus of data. Data breached from the XenForo-based forum included 1.4M unique email addresses, usernames, IP addresses and salted…
Paid open-source maintainers spend more time on security
Paid maintainers are 55% more likely to implement critical security and maintenance practices than unpaid maintainers and are dedicating more time to implementing security practices like those included in industry standards like the OpenSSF Scorecard and the NIST Secure Software…
Offensive cyber operations are more than just attacks
In this Help Net Security interview, Christopher Jones, Chief Technology Officer and Chief Data Officer at Nightwing, talks about some key misconceptions and complexities surrounding offensive cyber operations. Many myths stem from a simplistic view of these operations, ranging from…