Commanders in the field persuaded to give up, let their guard down, run around and desert their posts Australia’s Signals Directorate, the signals intelligence organization, has revealed it employed zero-click attacks on devices used by fighters for Islamic State of…
Virtual claims raise alarms among insurance carriers and customers
As the digital revolution changes the claims process, both carriers and customers are increasingly concerned about data privacy, according to LexisNexis Risk Solutions. More than 60% of consumers have concerns over the security of their personally identifiable information when they…
A new wave of sophisticated digital fraud hits Europe
Forced verification and deepfake cases multiply at alarming rates in the UK and continental Europe, according to Sumsub. In Germany alone, forced verification grew by 1500% as a proportion of all fraud cases, from 0.3% in the full year 2022…
Toyota admits to yet another cloud leak
Also, hackers publish RaidForum user data, Google’s $180k Chrome bug bounty, and this week’s vulnerabilities infosec in brief Japanese automaker Toyota is again apologizing for spilling customer records online due to a misconfigured cloud environment – the same explanation it…
Katie Boswell on AI security and women’s rise in cybersecurity
Katie Boswell spent years on the front lines securing the most critical national infrastructure in energy and life sciences. Yet, earlier in her career, she was told that senior leadership was not for her if she planned on becoming a…
Meet TeamT5, the Taiwanese infosec outfit taking on Beijing and defeating its smears
Living in the eye of the geopolitical storm is not easy, but is good for business In late September 2021, staff at Taiwanese threat intelligence company TeamT5 noticed something very nasty: a fake news report accusing it of conducting phishing…
IT Security News Weekly Summary – Week 22
IT Security News Daily Summary 2023-06-04 Friday Squid Blogging: Squid Chromolithographs The Unintended Consequences of Netflix’s Password Sharing Ban Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition Music Streaming Royalties To Be Examined by The UK Government…
IT Security News Daily Summary 2023-06-04
Friday Squid Blogging: Squid Chromolithographs The Unintended Consequences of Netflix’s Password Sharing Ban Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition Music Streaming Royalties To Be Examined by The UK Government Which Country Ranked the Highest in…
Friday Squid Blogging: Squid Chromolithographs
Beautiful illustrations. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. EDITED TO ADD (6/4): Slashdot thread. This article has been…
The Unintended Consequences of Netflix’s Password Sharing Ban
Netflix’s recent ban on password sharing may have initially appeared as a step forward for cybersecurity. However, emerging data suggest that this policy change has led some users to explore alternative streaming options on the Dark Web. In addition to…
Security Affairs newsletter Round 422 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Xplain…
Music Streaming Royalties To Be Examined by The UK Government
Since the early days of the music industry, musicians, writers, and other creatives have spoken out about the unfairness of royalty share payments. This is when their works are played on Spotify and Apple Music. There will be a…
Which Country Ranked the Highest in the Global National Privacy Test?
Apparently, it has turned out that what is known to be the world’s smallest country has also been named the most literate in terms of cybersecurity: Vatican City. As per the National Privacy Test carried out by one of the…
Government and Military Institutions Under Persistent Attacks by Dark Pink Hackers
In 2023, the Dark Pink APT cyber group has been spotted targeting government, military, and education organisations in Indonesia, Brunei, and Vietnam. The threat group has been active since at least mid-2021, primarily targeting companies in the Asia-Pacific region,…
What B2C Service Providers can Learn From Netflix’s Accidental Model
Netflix made a policy error last month that might provide consumers with long-term security benefits. For other business-to-consumer (B2C) firms wishing to enhance client account security, this unintentional pro-customer safety action may serve as a lesson. On May 23,…
Most Important Web Server Penetration Testing Checklist
Web server pentesting is performed under 3 significant categories: Identity, Analyse, and Report Vulnerabilities such as authentication weakness, configuration errors, and protocol Relation vulnerabilities. 1. “Conduct a serial of methodical and Repeatable tests “ is the best way to test the web…
Cybersecurity Crisis: Anonymous Sudan Demands $3 Million from SAS Airlines
Scandinavian Airlines (SAS) is currently facing a severe cybersecurity threat as the hacktivist group Anonymous Sudan continues its relentless distributed denial-of-service (DDoS) attacks. The group recently raised its ransom demand from an initial $3,500 to a staggering $3 million. These…
Confidential computing: From root of trust to actual trust
This article is the fourth in a six-part series where we present various use cases for confidential computing—a set of technologies designed to protect data in use, like memory encryption, and what needs to be done to get the technologies’…
Xplain hack impacted the Swiss cantonal police and Fedpol
Several Swiss cantonal police, the army, customs and the Federal Office of Police (Fedpol) were impacted by the attack against IT firm Xplain. Swiss police launched an investigation into the cyber attack that hit the Bernese IT company Xplain, which provides…
Zyxel published guidance for protecting devices from ongoing attacks
Zyxel has published guidance for protecting firewall and VPN devices from the ongoing attacks recently discovered. Zyxel has published guidance for protecting firewall and VPN devices from ongoing attacks exploiting CVE-2023-28771, CVE-2023-33009, and CVE-2023-33010 vulnerabilities. “Simultaneously, Zyxel has been urging users to…
Week in review: MOVEit Transfer critical zero-day vulnerability, Kali Linux 2023.2 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MOVEit Transfer zero-day attacks: The latest info Progress Software has updated the security advisory and confirmed that the vulnerability (still without a CVE number) is…
Cyber Security Management System (CSMS) for the Automotive Industry
KeePass password manager update improves security
Dominik Reichl, the lead developer of the KeePass password manager, has released KeePass 2.54 to the public. The new version of the application improves security in several meaningful ways, and it addresses […] Thank you for being a Ghacks reader.…
IT Security News Daily Summary 2023-06-03
Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech SAS Airlines Faces $3 Million Ransom Demand After DDoS Attacks Kimsuky APT poses as journalists and broadcast writers in its attacks Harvard Pilgrim Health Care Hit by Ransomware Attack Upsurge in…
Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech
Shift5 founder Josh Lospinoso discusses AI and how software vulnerabilities in weapons systems are a major threat to the U.S. military. The post Insider Q&A: Artificial Intelligence and Cybersecurity In Military Tech appeared first on SecurityWeek. This article has been…
SAS Airlines Faces $3 Million Ransom Demand After DDoS Attacks
Scandinavian Airlines (SAS) has recently become the target of a series of Distributed Denial of Service (DDoS) attacks, resulting in a $3 million ransom demand from a hacker group called Anonymous Sudan. This incident highlights the increasing sophistication and…
Kimsuky APT poses as journalists and broadcast writers in its attacks
North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advisory from the FBI, the U.S. Department of State, the National Security Agency (NSA), South Korea’s National Intelligence Service…