πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.8K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ–‹οΈ Automated Threats Pose Increasing Risk to the Travel Industry πŸ–‹οΈ

As the travel industry rebounds postpandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21 of all bot attack requests last year. Thats according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5 of the industrys web traffic in 2023a significant jump from 37.4 in 2022. .

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver πŸ–‹οΈ

Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer "HotPage.exe", according to new findings from ESET. The.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ AI Remains a Wild Card in the War Against Disinformation πŸ•΅οΈβ€β™‚οΈ

Digital literacy and protective measures will be key to detecting disinformation and deepfakes as AI is used to shape public opinion and erode trust in the democratic processes, as well as identify nefarious content.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Sizable Chunk of SEC Charges Against SolarWinds Tossed Out of Court πŸ•΅οΈβ€β™‚οΈ

Judge dismisses claims against SolarWinds for actions taken after its systems had been breached, but allows the case to proceed for alleged misstatements prior to the incident.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ US Data Breach Victim Numbers Increase by 1,000%, Literally πŸ•΅οΈβ€β™‚οΈ

Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ High-Severity Cisco Bug Grants Attackers Password Access πŸ•΅οΈβ€β™‚οΈ

The vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ 20 Million Trusted Domains Vulnerable to Email Hosting Exploits πŸ•΅οΈβ€β™‚οΈ

Three newly discovered SMTP smuggling attack techniques can exploit misconfigurations and design decisions made by at least 50 emailhosting providers.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Microsoft-Signed Chinese Adware Opens the Door to Kernel Privileges πŸ•΅οΈβ€β™‚οΈ

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernellevel malware but that's just subterfuge.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” SAP AI Core Flaws Expose Sensitive Customer Data and Keys πŸ“”

All SAP AI Core vulnerabilities were reported to SAP by Wiz and have since been fixed.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” HotPage Malware Hijacks Browsers With Signed Microsoft Driver πŸ“”

HotPage manipulates browser traffic by hooking into networkbased Windows API functions.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Chainalysis Launches Public-Private Plans to Crack Down on Crypto Scams πŸ“”

Crypto accounts tied to scammers associated with 162m in crypto losses have been closed as part of Operation Spincaster.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Nearly 13 Million Australians Affected by MediSecure Attack πŸ“”

MediSecure revealed that the personal and health data of approximately 12.9 million Australians has been affected by the May 2024 attack.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ”₯1
🌊 UnderDefense MAXI Secures 7 Badges as a High Performer and Best Support in G2 Reports 🌊

UnderDefense MAXI is on fire!  UnderDefense MAXI has garnered an impressive 7 badges in the G2 Summer 2024 Reports, a remarkable achievement given that the platform was publicly launched less than a year ago.  We are grateful to our partners for their support, and our exceptional team for creating the product that helps security The post UnderDefense MAXI Secures 7 Badges as a High Performer and Best Support in G2 Reports appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ“’ Half of Australia’s population was exposed in the MediSecure breach, but victims might never know if they’re affected πŸ“’

Financial difficulties at MediSecure mean it doesnt have the resources to establish exactly who was impacted in a recent breach and what data was stolen.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Safeguard Personal and Corporate Identities with Identity Intelligence πŸ–‹οΈ

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgills threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.  In the current cyber threat landscape, the protection of personal and corporate identities has become vital.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware πŸ–‹οΈ

A suspected proHouthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said. Targets of the ongoing campaign.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ‘1
πŸ–‹οΈ APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K. πŸ–‹οΈ

Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific Chinabased APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Summary of "AI Leaders Spill Their Secrets" Webinar πŸ–‹οΈ

Event Overview The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager. Key Speakers and Their.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software πŸ–‹οΈ

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager ARM software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach πŸ–‹οΈ

Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of 230 million in cryptocurrency assets. "A cyber attack occurred in one of our multisignature wallets involving a loss of funds exceeding 230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity