A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Bug…
Tag: EN
Week in review: VMware patches critical vulnerability, 1Password affected by Okta breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: GOAD: Vulnerable Active Directory environment for practicing attack techniques Game of Active Directory (GOAD) is a free pentesting lab. It provides a vulnerable Active Directory…
MemeChat – 4,348,570 breached accounts
In mid-2022, "the ultimate hub of memes" MemeChat suffered a data breach that exposed 7.4M records. Alleged to be due to a misconfigured Elasticsearch instance, the data contained 4.3M unique email addresses alongside usernames. This article has been indexed from…
Roundcube Webmail servers under attack – Week in security with Tony Anscombe
The zero-day exploit deployed by the Winter Vivern APT group only requires that the target views a specially crafted message in a web browser This article has been indexed from WeLiveSecurity Read the original article: Roundcube Webmail servers under attack…
iLeakage Attack: Protecting Your Digital Security
The iLeakage exploit is a new issue that security researchers have discovered for Apple users. This clever hack may reveal private data, including passwords and emails, and it targets Macs and iPhones. It’s critical to comprehend how this attack operates…
Study Asks Facebook Users How Much They Think Their Data Is Worth
The post Study Asks Facebook Users How Much They Think Their Data Is Worth appeared first on Facecrooks. Facebook makes billions of dollars off collecting your personal information and using it to target advertising. However, the users who provide that…
DEF CON 31 – Policy Panel: International Cyber Policy 101
Many thanks to DEF CON 31 for publishing their terrific DefCon Conference 31 presenters content. Originating from the conference events at Caesars Forum, Flamingo, Harrah’s and Linq in Las Vegas, Nevada; via the organizations YouTube channel. Permalink The post DEF…
Update now! Apple patches a raft of vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: iLeakage Tags: side-channel Tags: Safari Tags: CVE-2023-40413 Tags: CVE-2023-40416 Tags: CVE-2023-40423 Tags: CVE-2023-42487 Tags: CVE-2023-42841 Tags: CVE-2023-41982 Tags: CVE-2023-41997 Tags: CVE-2023-41988 Tags: CVE-2023-40447 Tags: CVE-2023-42852 Tags: CVE-2023-32434 Tags: CVE-2023-41989 Tags: CVE-2023-38403 Tags: CVE-2023-42856…
Octo Tempest cybercriminal group is “a growing concern”—Microsoft
Categories: News Categories: Ransomware Tags: ALPHV Tags: Octo Tempest Tags: RaaS Tags: LOTL Tags: social engineering Tags: SIM swapping A group of cybercriminals known for advanced social engineering attacks has joined one of the biggest ransomware groups as an affiliate.…
Rorschach Ransomware Gang Targets Chilean Telecom Giant GTD
Chile’s Grupo GTD has issued a warning that a hack has disrupted its Infrastructure as a Service (IaaS) infrastructure. Grupo GTD is a telecommunications firm based in Chile, Spain, Columbia, and Peru which offers services throughout Latin America. The…
Passkeys vs Passwords: The Future of Online Authentication
In the realm of online security, a shift is underway as passkeys gain traction among tech giants like Apple, Google, Microsoft, and Amazon. These innovative authentication methods offer a more seamless login experience and bolster cybersecurity against threats like…
AI-Generated Phishing Emails: A Growing Threat
The effectiveness of phishing emails created by artificial intelligence (AI) is quickly catching up to that of emails created by humans, according to disturbing new research. With artificial intelligence advancing so quickly, there is concern that there may be a…
From China To WikiLeaks: Censored Texts Survive In Bitcoin And Ethereum
Bitcoin is described by individuals in varied way, some say it is digital money currency, a digital store of value and a platform for data that is immune to censorship. Fundamentally, anyone can access and upload data, thanks to technology;…
D-LINK SQL Injection Vulnerability Let Attacker Gain Admin Privileges
A security flaw called SQL injection has been uncovered in the D-Link DAR-7000 device. SQL injection is a malicious attack that exploits vulnerabilities in web applications to inject malicious SQL statements and gain unauthorized access to the database. This technique…
October 2023 Web Server Survey
In the October 2023 survey we received responses from 1,093,294,946 sites across 267,962,271 domains and 12,371,536 web-facing computers. This reflects an increase of 8.3 million sites, 13.2 million domains, and 96,682 web-facing computers. The largest gains this month came from…
This Cryptomining Tool Is Stealing Secrets
Plus: Details emerge of a US government social media-scanning tool that flags “derogatory” speech, and researchers find vulnerabilities in the global mobile communications network. This article has been indexed from Security Latest Read the original article: This Cryptomining Tool Is…
Certain online games use dark designs to collect player data
The privacy policies and practices of online games contain dark design patterns which could be deceptive, misleading, or coercive to users, according to a new study. This article has been indexed from Hacking News — ScienceDaily Read the original article:…
Evolving Data Landscape: Rethinking the Privacy-Security Dichotomy in A Data-Centric World
By Ani Chaudhuri, CEO, Dasera The EU-US Data Privacy Framework is a product of years of painstaking negotiation, a well-intended attempt to tread the tightrope between national security and personal […] The post Evolving Data Landscape: Rethinking the Privacy-Security Dichotomy…
Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023
The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,250 for 58 unique 0-days. The Team Viettel (@vcslab) won the Master of…
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany. “The…