OpenAI, the maker of ChatGPT, has been accused of a series of data protection breaches in a GDPR complaint filed by a privacy researcher. The complaint argues that OpenAI infringes EU privacy rules in areas such as lawful basis, transparency,…
Preparing for the Future: Understanding Identity’s Role in Data Security
By Gal Helemski, Co-Founder and CTO/CPO at PlainID “Data is the lifeblood of an organization.” Becoming somewhat of a platitude in the security space, it’s challenging to believe every organization truly upholds this sentiment. Yes, data is used to generate…
Hackers infiltrate servers of Japanese Government Cybersecurity Agency
In a concerning turn of events, the servers of Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) fell victim to a cyberattack by a hacking group, highlighting the vulnerability of even the most secure digital entities. NISC…
Why is .US Being Used to Phish So Many of Us?
Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the…
Smishing Triad: China-Based Fraud Network Exposed
Resecurity explained the “Smishing Triad” campaign exclusively utilizes iMessages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Smishing Triad: China-Based Fraud Network Exposed
Dive into the Deep Sea: A View of the Subsea Cable Ecosystem
The European Union Agency for Cybersecurity (ENISA) publishes a report on the subsea cable ecosystem and highlights today’s major cybersecurity challenges. This article has been indexed from News items Read the original article: Dive into the Deep Sea: A View…
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and…
Esteemed Cybersecurity PR Agency Turns 28
Today, award-winning cybersecurity PR agency, Eskenzi PR, turns 28. The agency, founded in 1995 by Yvonne Eskenzi and Neil Stinchcombe, has worked with some of the largest names in the cybersecurity industry and helped many organisations through sales, acquisitions and…
OpenAI’s GPTBot Faces Media Backlash in France Over Data Collection Fears
A new level of tension has been created between the press and giants within the artificial intelligence industry. The OpenAI robot that runs on websites to suck up content and train its AI models, including the famous ChatGPT conversational…
GhostSec: Hacktivist Breach Iranian Surveillance Software
Hacking group GhostSec confirmed that they have taken down Fanap Behnama – Iran’s privacy-invading software – and also mentioned details of its surveillance capabilities. Apparently, GhostSec exposed 20GB of data that involved source code relating to face recognition and motion…
Flight Data Issues Trigger UK Air Traffic Control Failure
A significant air traffic control malfunction resulted in extensive flight disruptions, leaving numerous passengers stranded both domestically and internationally. The root cause of this disruption was attributed to issues with the reception of flight data. Martin Rolfe, the CEO…
Open-Source Malware SapphireStealer Expands
Cisco Talos said SapphireStealer has evolved significantly, resulting in multiple variants This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Open-Source Malware SapphireStealer Expands
New Study Reveals Airbnb as a Haven for Cybercrime
Cybercriminals have been increasingly using the Airbnb network for illicit activities. A new research by cybersecurity experts at SlashNext uncovered the methods employed by these malicious actors to hack user accounts and benefit from stolen data. Due to its…
How To Check Office Files for Macros Using Java
The Microsoft OpenXML files we use on a day-to-day basis are conveniently designed to be accessed and manipulated programmatically. We can jump into any OpenXML file structure in a variety of capacities (usually via specialized programming libraries or APIs) to…
If you like your Flipper Zero, then you’ll love this
If you’re enjoying exploring the world around you with you Flipper Zero pentesting multi-tool, this is the perfect next step. This article has been indexed from Latest stories for ZDNET in Security Read the original article: If you like your…
UNRAVELING EternalBlue: inside the WannaCry’s enabler
WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you should defend against it. What is the EternalBlue vulnerability? EternalBlue…
The best security keys of 2023: Expert tested and reviewed
The top security keys on the market can help secure your online accounts from hackers and phishing attacks. This article has been indexed from Latest stories for ZDNET in Security Read the original article: The best security keys of 2023:…
Lidl recalls Paw Patrol snacks after website on packaging displayed porn
Supermarket giant Lidl has issued a recall of Paw Patrol snacks after the website listed on the products’ packaging began displaying explicit content unsuitable for children. Lidl, which operates more than 12,000 stores globally, is urging shoppers in the United…
Proposed SEC Cybersecurity Rule Will Put Unnecessary Strain on CISOs
The Security and Exchange Commission’s Proposed Rule for Public Companies (PPRC) is ambiguous. This article has been indexed from Dark Reading Read the original article: Proposed SEC Cybersecurity Rule Will Put Unnecessary Strain on CISOs
Researchers released a free decryptor for the Key Group ransomware
Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims…
A Conversation with OmniIndex’s James Stanbridge on Diversity, Equity and Inclusion in Tech Recruitment
We know that the cybersecurity industry has a skills gap and talent shortage. We also know that hiring from a larger, more diverse talent pool may be a good place to start. But how does diversity, equity and inclusion feed…
Sourcegraph’s Website Breached by Threat Actors
Popular AI-powered coding platform Sourcegraph reveals that its website was breached this week due to a leaked site-admin access token. The token leaked online on July 14th, but it took until the 28th of August for an attacker to use…
Massive attack
Defeating a DDoS swarm Webinar Any organization can lose service, revenue, and reputation as a result. If you are particularly unlucky, a DDoS attack can defenestrate your network defences. You may find yourself facing an cyber criminal who wants to…
Sophisticated Cyber-Espionage Group Earth Estries Exposed
Trend Micro noted that “Earth Estries” employed advanced tactics to infiltrate networks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sophisticated Cyber-Espionage Group Earth Estries Exposed