91Articles
8Categories
2023-08-07Date
🚨 CISA KEV 1[−]
7 Aug KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2017-18368 Zyxel P660HN-T1A Routers Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber a…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 14[−]
7 AugResearchers Uncover New High-Severity Vulnerability in PaperCut SoftwareTracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability.THEHACKERNEWS.COM
7 AugIBM SDK, Java Technology Flaw Lets Remote Attacker Execute ArbitraryIBM has discovered a vulnerability in the IBM SDK, Java Technology Edition, that allows threat actors to execute arbitrary code on the system due to unsafe deserialization. This vulnerability exists in the Object Request Broker (ORB) and is given a CVE ID: CVE-2022-40609. ORB is …GBHACKERS.COM
7 AugChromium: CVE-2023-4068 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4069 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4070 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4071 Heap buffer overflow in VisualsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4072 Out of bounds read and write in WebGLThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4073 Out of bounds memory access in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4074 Use after free in Blink Task SchedulingThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4075 Use after free in CastThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4076 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4077 Insufficient data validation in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
7 AugChromium: CVE-2023-4078 Inappropriate implementation in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 17[−]
7 AugAssess multi-cloud security with the open-source CNAPPgoat projectErmetic released CNAPPgoat, an open-source project that allows organizations to test their cloud security skills, processes, tools, and posture in interactive sandbox environments that are easy to deploy and destroy. It is available on GitHub.HELPNETSECURITY.COM
7 AugEnhancing Security Operations Using Wazuh: Open Source XDR and SIEMIn today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems fr…THEHACKERNEWS.COM
7 AugMicrosoft Signing Key Stolen by ChineseA bunch of networks, including US Government networks , have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure account consumer signing key. Congress wants answers . The phrase “ negligent security…SCHNEIER.COM
7 AugData Theft Extortion Attacks Rise 25 Percent in Just One Quarter and Take Top Attack SpotA recap of Q2 from Cisco Talos’ incident response services provides insight into exactly what kinds of attacks are being seen in the field, and what kinds of attacks you need to be protecting against.KNOWBE4.COM
7 AugReptile Rootkit Targets Linux Systems in South KoreaReptile, an open-source kernel module rootkit, designed to target Linux systems was found on GitHub. Unlike typical rootkit malware, Reptile not only conceals its presence but also offers a reverse shell, granting threat actors control over compromised systems. I t is crucial to …CYWARE.COM
7 AugVPNs remain a risky gamble for remote accessA new Zscaler report stresses the need for organizations to reevaluate their security posture and migrate to a zero-trust architecture due to the increasing threat of cybercriminals exploiting VPN vulnerabilities.HELPNETSECURITY.COM
7 AugGitHub Warns of Social Engineering Campaign Targeting Employees in the Technology IndustryA few weeks ago, GitHub posted on their blog a recent security alert that should have any organization in the tech industry worried.KNOWBE4.COM
7 AugC-Suite, Rank-And-File at Odds Over Security’s RoleA disconnect is brewing between how C-suite executives and cybersecurity workers perceive security’s role, according to a Cloud Security Alliance report released last week. The study by Expel surveyed 1,000 IT and security professionals in May.CYBERSECURITYDIVE.COM
7 AugNew PaperCut Vulnerability Allows Remote Code ExecutionA new vulnerability in the PaperCut MF/NG print management software can be exploited for unauthenticated, remote code execution. The post New PaperCut Vulnerability Allows Remote Code Execution appeared first on SecurityWeek .SECURITYWEEK.COM
7 AugMicrosoft Addresses Azure AD Flaw Following Criticism from Tenable’s CEOAfter being criticized as “grossly irresponsible” and “blatantly negligent” by the CEO of Tenable, Microsoft addressed a vulnerability in the Power Platform Custom Connectors feature that allowed unauthenticated attackers access to cross-tenant apps and sensitiv…GBHACKERS.COM
7 AugNew Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet ConfigsA new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information. Bot mitigation company Kasada said the activ…THEHACKERNEWS.COM
7 AugSpanish Police Arrest 3 Behind Payment Card FraudCybercrime Group Defrauded Nearly 200,000 Euros Spanish police estimate that a group that mainly targeted ATMs of Spanish national banks using cloned payment cards had fraudulently pocketed nearly 196,000 euros. Authorities arrested three members of the group Sunday in the Spanis…DATABREACHTODAY.CO.UK
7 AugNew SkidMap Malware Attacking Wide Range of Linux DistributionsAccording to recent reports, there have been instances of threat actors using malware called “SkidMap” to exploit vulnerable Redis systems. Earlier versions of SkidMap were used to surreptitiously mine cryptocurrency and create false network traffic and CPU usage by l…GBHACKERS.COM
7 AugCl0p Ransomware Gang Revises its Extortion StrategyMOVEit-hijacker Cl0p ransomware gang has changed its extortion tactics and is now using torrents to distribute data stolen in the MOVEit Transfer breaches. Previously, the group utilized Tor data leak sites, but this method was slow and easier to shut down. Through torrents, crim…CYWARE.COM
7 AugCritical Bugs Found in PaperCut Allow RCEVulnerability Could Allow Attackers to Read, Delete or Upload Arbitrary Files A recently identified security vulnerability in PaperCut print management software holds the potential for high-severity outcomes and could let unauthorized hackers run code remotely. The software is us…DATABREACHTODAY.CO.UK
7 AugNigerian Man Admits to $1.3M Business Email Compromise ScamScammers Used Malware and Spoofed Domain Name to Trick UK Financial Services Firm A Nigerian national has pleaded guilty to participating in a business email compromise scheme that stole $1.25 million from a Boston investment firm. Perpetrators used malware to intercept an employ…DATABREACHTODAY.CO.UK
7 AugNews Alert: GhangorCloud selected to demo Deep AI-based capabilities at India’s G20 SummitSan Jose, Calif., Aug. 7, 2023 – GhangorCloud, a leading provider of Deep AI-based information security and data privacy compliance enforcement solutions, is pleased to announce it has been selected upon nomination by the US Department of Commerce, as one … (more…)LASTWATCHDOG.COM
📢 SECURITY ADVISORIES 6[−]
7 AugWhite House Pushes Cybersecurity Defense for K-12 SchoolsEducators Gird For Fresh Ransomware Attacks as Students Set to Return to School The Biden administration says it wants to get ahead of ransomware attacks against schools before K-12 education soon resumes for the fall. "We must take cyberattacks on our schools just seriously as w…DATABREACHTODAY.CO.UK
7 AugBroad SBOM Adoption Takes Root as Businesses Watch Their Supply ChainsThree-quarters of enterprises in the U.S. and U.K. have implemented software bills of materials since the Biden administration issued an executive order to bolster cybersecurity in 2021, according to a report Sonatype released Thursday.CYBERSECURITYDIVE.COM
7 AugRussian Hackers Overwhelm Spanish Sites With DDoS AttacksBanks, telecoms providers, media, and tourism companies are thought to have been affected by the attacks, which followed a trip by Prime Minister Pedro Sanchez to Kyiv in which he expressed his government’s support for Ukraine.INFOSECURITY-MAGAZINE.COM
7 AugCISA Unveils Cybersecurity Strategic Plan for Next 3 YearsCISA has unveiled its Cybersecurity Strategic Plan for the next 3 years, focusing on addressing immediate threats, hardening the terrain, and driving security. The post CISA Unveils Cybersecurity Strategic Plan for Next 3 Years appeared first on SecurityWeek .SECURITYWEEK.COM
7 AugUS ‘Lagging Behind’ on Border Gateway Protocol Security Practices, CISA and FCC Chiefs SayThe U.S. government is lagging behind other countries in instituting more stringent cybersecurity measures governing the Border Gateway Protocol (BGP) – a set of technical rules responsible for routing data efficiently.THERECORD.MEDIA
🔥 INCIDENT REPORTING 13[−]
7 AugCyber Security Today, August 7, 2023 - Ransomware attack hits US hospitals, a Canadian insurer is sideswiped by MOVEit hacks, and moreThis episode reports on the latest victims of MOVEit hacks, data thefts at Colorado's Department of Higher Education, and moreCYBERSECURITYTODAY.LIBSYN.COM
7 AugCyberattacks on Governments and Public Services Were Way up This Spring, Research ShowsCyberattacks on governments and public entities worldwide surged by 40% from March to May compared to the previous quarter, according to researchers at the cybersecurity firm BlackBerry.THERECORD.MEDIA
7 AugColorado Department of Higher Education Discloses Ransomware Attack, Data BreachColorado Department of Higher Education targeted in a ransomware attack that resulted in a data breach impacting many students and teachers. The post Colorado Department of Higher Education Discloses Ransomware Attack, Data Breach appeared first on SecurityWeek .SECURITYWEEK.COM
7 AugUK Sounds Warning Over Targeted Healthcare AttackA targeted cyberattack against Britain's national healthcare system could lead to larger-scale disruption causing the organization several years to recover, the U.K. government warns.BANKINFOSECURITY.COM
7 AugColorado Department of Higher Education Warns of Massive Data BreachThe Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June.BLEEPINGCOMPUTER.COM
7 AugUS hospital network hit with ransomware attack16 hospitals across the United States have been hit with ransomwareCSHUB.COM
7 AugClop Ransomware Now Uses Torrents to Leak Data and Evade TakedownsAccording to security researcher Dominic Alvieri, who first spotted this new tactic, torrents have been created for twenty victims, including Aon, K & L Gates, Putnam, Delaware Life, Zurich Brazil, and Heidelberg.BLEEPINGCOMPUTER.COM
7 AugNorth Korean hackers 'ScarCruft' breached Russian missile makerThe North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization. [...]BLEEPINGCOMPUTER.COM
7 AugColorado Warns Ransomware Attack Caused Massive Data BreachInformation From 2004 to 2020 Exposed for High School Students, Teachers and Others Colorado's Department of Higher Education is warning that it suffered a ransomware attack in June, in which attackers stole personal data on current and past students and teachers, dating from 200…DATABREACHTODAY.CO.UK
7 AugHackers increasingly abuse Cloudflare Tunnels for stealthy connectionsHackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence. [...]BLEEPINGCOMPUTER.COM
7 AugAuthorities Warn Health Sector of Attacks by Rhysida GroupNew Ransomware Group Branches Out, Hits Multiple Hospitals, Provider Networks Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recent…DATABREACHTODAY.CO.UK
7 AugColorado warns hackers stole 16 years of public school data in ransomware attackColorado’s state government has warned students and teachers that hackers may have accessed their personal information — dating as far back as 2004. In a notice on its website, the Colorado Department of Higher Education (CDHE) confirmed it experienced a ransomware incident…TECHCRUNCH.COM
7 AugTargetCompany Ransomware Abuses FUD Obfuscator PackersIn this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.TRENDMICRO.COM
🕵️ THREAT INTELLIGENCE 22[−]
7 AugISC Stormcast For Monday, August 7th, 2023 https://isc.sans.edu/podcastdetail/8604, (Mon, Aug 7th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
7 AugWelcome to the New Have I Been Pwned Domain Search Subscription ServicePresently sponsored by: Secure your assets, identity and online accounts with our award-winning ID theft protection. Get started with Aura today. This is a big one. A massive one. It's the culmination of a solid 7 months of work that finally, as of now, is live. The full bac…TROYHUNT.COM
7 AugResearch Jailbreak Tesla’s Software-Locked Features Worth up to $15,000Tesla has a reputation for having highly integrated and technologically advanced car computers, which can be used for everything from basic entertainment to completely autonomous driving. BlackHat brief on an attack against modern AMD-based infotainment systems (MCU-Z) found on a…GBHACKERS.COM
7 AugReptile Rootkit: Advanced Linux Malware Targeting South Korean Systems"Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," ASEC said in a report published last week.THEHACKERNEWS.COM
7 AugNew 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% AccuracyA group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. "When trained on keystrokes recorded using the video conferencing software Zoom, an accur…THEHACKERNEWS.COM
7 AugNew SkidMap Redis Malware Variant Targeting Vulnerable Redis ServersVulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave se…THEHACKERNEWS.COM
7 Aug[New Product] Supercharge Your Anti-Phishing Defense with KnowBe4’s PhishER Plus!Staying one step ahead of cybercriminals is absolutely vital in today’s threat landscape. That's why we're thrilled to introduce PhishER Plus, a revolutionary product from KnowBe4 that takes your anti-phishing defense to a whole new level.KNOWBE4.COM
7 AugVendor Email Compromise Attacks Use the Same Playbook for Multiple AttacksSeeking very large paydays, Vendor Email Compromise (VEC) threat actors are finding out what works and repurposing their content and processes to increase chances of seeing a massive payout.KNOWBE4.COM
7 AugPhishing Attacks Continue to Use Attachments as HTML Files Containing Java DominateAs traditional phishing attack attachment types like Office documents dwindle in use, threat actors look for new effective ways to use email as a delivery medium to launch an attack.KNOWBE4.COM
7 AugFraud Masquerades as Anti-FraudMany of us have received a phone call or other notification from a credit card company telling us that they’ve detected suspicious activity on our card. Was it us? Did we just spend $500 at that big box store up the road? No? Thank you; there’ll be no charge. Or, if that was you,…KNOWBE4.COM
7 AugNorth Korean Hackers Targets Russian Missile Engineering FirmTwo different North Korean nation-state actors have been linked to a cyber intrusion against the major Russian missile engineering company NPO Mashinostroyeniya. Cybersecurity firm SentinelOne said it identified "two instances of North Korea related compromise of sensitive intern…THEHACKERNEWS.COM
7 AugNorth Korean Hackers Targeted Russian Missile DeveloperA sanctioned Russian missile maker appears to have been targeted by two important North Korean hacking groups. The post North Korean Hackers Targeted Russian Missile Developer appeared first on SecurityWeek .SECURITYWEEK.COM
7 AugAI researchers claim 93% accuracy in detecting keystrokes over Zoom audioMitigating factors include typing style, multi-case passwords, uncommon laptops.ARSTECHNICA.COM
7 AugCyberinsurance Firm Resilience Raises $100 Million to Expand Its Cyber Risk PlatformResilience Cyber Insurance Solutions has raised $100 million through a Series D funding round to support global expansion of its cyber risk platform that was launched earlier this year. The post Cyberinsurance Firm Resilience Raises $100 Million to Expand Its Cyber Risk Platform …SECURITYWEEK.COM
7 AugAdopting guidance from the US National Cybersecurity Strategy to secure the Internet of ThingsMicrosoft is invested in helping partners create Internet of Things solutions with strong security products that support the March 2023 United States National Cybersecurity Strategy. The post Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of …MICROSOFT.COM
7 AugMicrosoft AI Red Team building future of safer AIWe’re sharing best practices from our team so others can benefit from Microsoft’s learnings. These best practices can help security teams proactively hunt for failures in AI systems, define a defense-in-depth approach, and create a plan to evolve and grow your security posture as…MICROSOFT.COM
7 AugKeep your sensitive data secure by using Encrypted Forms 2.0 from JotformGraham Cluley Security News is sponsored this week by the folks at Jotform. Thanks to the great team there for their support! What is form encryption, and why is it important? Whether you’re a pro with forms or just a newbie, it might be helpful to get an understanding of form en…GRAHAMCLULEY.COM
7 AugGUEST ESSAY: Why any sudden influx of spam emails is an indicator of a likely security issueWe all get spam emails, and while it’s annoying, it’s not usually anything to worry about. However, getting a huge influx of spam at once is a warning sign. People suddenly getting a lot of spam emails may be the … (more…)LASTWATCHDOG.COM
7 AugBlack Hat Fireside Chat: Horizon3.ai makes a strong case for continuous, self-service pentestingLAS VEGAS — Penetration testing, traditionally, gave businesses a nice, pretty picture of their network security posture — at a given point in time. Related: Going on the security offensive Such snapshots proved useful for building audit trails, particularly for ̷…LASTWATCHDOG.COM
7 AugDatabases beware: Abusing Microsoft SQL Server with SQLReconOver the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I…SECURITYINTELLIGENCE.COM
7 AugThe evolution of security analyst experienceCloud computing and IT modernization have created a more complex threat landscape, and security analysts are struggling to keep up. Security operations centers (SOC) are in need of an upgrade. The proliferation of cloud and hybrid environments simply creates more to protect, said…SECURITYINTELLIGENCE.COM
7 AugAI researchers claim 93% accuracy in detecting keystrokes over Zoom audioMitigating factors include typing style, multi-case passwords, uncommon laptops.ARSTECHNICA.COM
🌐 CYBER THREAT LANDSCAPE 5[−]
7 AugFake VMware vConnector Package on PyPI Targets IT ProsA malicious package that mimics the VMware vSphere connector module ‘vConnector’ was uploaded on the Python Package Index (PyPI) under the name ‘VMConnect,’ targeting IT professionals.BLEEPINGCOMPUTER.COM
7 AugHacktivists Fund Their Operations Using Common Cybercrime TacticsKELA notes that although hacktivism appears to be about causing service disruption through DDoS attacks or reputation damage via data leaks, the modus operandi of these threat groups encompasses a broader scope of activities.BLEEPINGCOMPUTER.COM
7 AugNew SkidMap Redis Malware Variant Targets Vulnerable Redis ServersVulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions.THEHACKERNEWS.COM
7 AugSpyware Maker Letmespy Shuts Down After Hacker Deletes Server DataIn a notice on its website in both English and Polish, LetMeSpy confirmed the “permanent shutdown” of the spyware service and that it would cease operations by the end of August.TECHCRUNCH.COM
7 AugLatest Batloader Campaigns Use Pyarmor Pro for EvasionIn June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries.TRENDMICRO.COM
📡 INFOSEC NEWS 13[−]
7 AugFBI Alert: Crypto Scammers are Masquerading as NFT DevelopersThe U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users. In these fraudulent schemes, criminals either obtain direct access…THEHACKERNEWS.COM
7 AugNYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex HackA married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin.THEHACKERNEWS.COM
7 AugNew Acoustic Attack Steals Data From Keystrokes With 95% AccuracyA team of researchers from British universities has trained a deep learning model that can steal data from keyboard keystrokes recorded using a microphone with an accuracy of 95%.BLEEPINGCOMPUTER.COM
7 AugSophosAI at DEF CON: Orchestrating large-scale scams using text, audio and image generative AIAI Village talk highlights how generative can be used to automate the creation of fraud campaigns, generating hundreds of fraudulent sites.SOPHOS.COM
7 AugMulti-Modal Data Protection With AI’s HelpMulti-modal monitoring through AI enables the identification of both data and conversation types, enhancing the ability to detect and prevent data leakage or any unauthorized activities.HELPNETSECURITY.COM
7 AugGoogle Play apps with 2.5M installs load ads when screen's offThe Google Play store was infiltrated by 43 Android applications with 2.5 million installs that secretly displayed advertisements while a phone's screen was off, running down a device's battery. [...]BLEEPINGCOMPUTER.COM
7 AugHands on with Windows 11's new modern File ExplorerWith the introduction of Windows 11 23H2, Microsoft has modernized File Explorer on Windows 11, bringing a fresher look and feel to the system's integral file management tool. [...]BLEEPINGCOMPUTER.COM
7 AugUpdate: Researchers scanning the Internet, (Mon, Aug 7th)We have been tracking researchers scanning the Internet for open ports or vulnerabilities for a few years. These groups often show up in our "top 10" lists. We do not make any general recommendations to block these IPs but we want to give you the information you need to make this…ISC.SANS.EDU
7 AugMicrosoft Bug Bounty Program Year in Review: $13.8M in RewardsWe are thrilled to share the results of our collaboration with over 345 security researchers from +45 countries around the world in the past 12 months. Together, we have discovered and fixed more than a thousand potential security issues before they impacted our customers. In rec…MSRC.MICROSOFT.COM
7 AugScam websites offering jobs | Kaspersky official blogHow and with what criminals lure people looking for a part-time job on the Internet, and what needs to be done in order not to become their victim.KASPERSKY.COM
7 AugTime is money, and online game scammers have lots of itGamers and cybersecurity professionals have something in common – the ever-terrible presence of hacking, scams, and data theft – but how and why would anyone want to target gamers?WELIVESECURITY.COM
7 AugMicrosoft Bug Bounty Program Year in Review: $13.8M in RewardsWe are thrilled to share the results of our collaboration with over 345 security researchers from +45 countries around the world in the past 12 months. Together, we have discovered and fixed more than a thousand potential security issues before they impacted our customers. In rec…MSRC.MICROSOFT.COM