π΅οΈββοΈ Proposed HIPAA Amendments Will Close Healthcare Security Gaps π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The changes to the healthcare privacy regulation with technical controls such as network segmentation, multifactor authentication, and encryption. The changes would strengthen cybersecurity protections for electronic health information and address evolving threats against healthcare entities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Proposed HIPAA Amendments Will Close Healthcare Security Gaps
Changes to the healthcare privacy regulation, including technical controls for network segmentation, multifactor authentication, and encryption, would strengthen cybersecurity protections for electronic health information and address evolving threats againstβ¦
β€1
ποΈ Apple to Pay Siri Users $20 Per Device in Settlement Over Accidental Siri Privacy Violations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Apple has agreed to pay 95 million to settle a proposed class action lawsuit that accused the iPhone maker of invading users' privacy using its voiceactivated Siri assistant. The development was first reported by Reuters. The settlement applies to U.S.based individuals current or former owners or purchasers of a Sirienabled device who had their confidential voice communications with the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π¦Ώ TotalAV VPN vs Surfshark: Which VPN Should You Choose? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TotalAV combines a simple VPN with antivirus software, while Surfshark offers a standalone VPN with better features and faster speeds.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
TotalAV VPN vs Surfshark: Which VPN Should You Choose?
Compare TotalAV VPN and Surfshark to find the best fit for your online security needs. Discover more and make an informed choice today.
π1
ποΈ LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A proofofconcept PoC exploit has been released for a nowpatched security flaw impacting Windows Lightweight Directory Access Protocol LDAP that could trigger a denialofservice DoS condition. The outofbounds reads vulnerability is tracked as CVE202449113 CVSS score 7.5. It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE202449112 .π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Critical Deadline: Update Old .NET Domains Before January 7, 2025 to Avoid Service Disruption ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has announced that it's making an "unexpected change" to the way .NET installers and archives are distributed, requiring developers to update their production and DevOps infrastructure. "We expect that most users will not be directly affected, however, it is critical that you validate if you are affected and to watch for downtime or other kinds of breakage," Richard Lander, a program.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π US Confirms Russian GenAI Disinformation Op Targeted Election π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US government has sanctioned Russian stateaffiliated entity CGE, which used a vast GenAI infrastructure to spread disinformation during the US Presidential election.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Confirms Russian GenAI Disinformation Op Targeted Election
The US government has sanctioned Russian state-affiliated entity CGE, which used a vast GenAI infrastructure to spread disinformation during the US Presidential election
π SentinelOne Pricing 2025: Core, Control, Complete, & Commercial Packages Comparison π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
SentinelOne is a wellknown player in the cybersecurity market offering a cuttingedge cybersecurity platform developed to safeguard endpoints, cloud environments, and workloads from various cyber threats. Using the capabilities of artificial intelligence AI and automation, the solution offers an integrated approach to endpoint security to prevent, detect, and respond to known and unknown threats. Here The post SentinelOne Pricing 2025 Core, Control, Complete, Commercial Packages Comparison appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
SentinelOne Pricing 2025: Core, Control, Complete, & Commercial Packages Comparison
Compare SentinelOne costs and features of Core, Control, Complete, and Commercial packages.
π Apple Agrees $95M Settlement Over Siri Privacy Violations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Apple has agreed to a 95m settlement in a class action lawsuit alleging Siri privacy violations, with eligible users receiving up to 20 per Sirienabled device.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Apple Agrees $95M Settlement Over Siri Privacy Violations
Apple has agreed to a $95m settlement in a class action lawsuit alleging Siri privacy violations, with eligible users receiving up to $20 per Siri-enabled device
π1
π¦
CERT-In Issues Alert on WPForms Vulnerability That Can Disrupt Payment and Subscription Services π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview The Indian Computer Emergency Response Team CERTIn has issued an alert regarding a critical security vulnerability in the WPForms plugin for WordPress. The flaw, identified as CVE202411205, could allow attackers to bypass authorization controls and perform payment refunds and subscription cancellations on Stripepowered websites. This WPForms plugin vulnerability, affecting WPForms versions 1.8.4 through 1.9.2.1, leaves WordPress sites vulnerable to exploitation by authenticated users with lowerlevel permissions. The vulnerability was disclosed publicly on December 9, 2024, by Wordfence researchers, and a patch was made available in WPForms version 1.9.2.2. The flaw stems from the absence of a capability check in the wpformsisadminpage function. This function is resp...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π’ Four years on, how's UK GDPR holding up? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
While some SMBs are struggling, most have stepped up to the mark in terms of data governance policies.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Four years on, how's UK GDPR holding up?
While some SMBs are struggling, most have stepped up to the mark in terms of data governance policies
π’ Healthcare data breaches are out of control β here's how the US plans to beef up security standards π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Changes to HIPAA security rules will require organizations to implement MFA, network segmentation, and more.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Healthcare data breaches are out of control β here's how the US plans to beef up security standards
Changes to HIPAA security rules will require organizations to implement MFA, network segmentation, and more
π΅οΈββοΈ Why Small Businesses Can't Rely Solely on AI to Combat Threats π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI's capabilities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Why Small Business Can't Rely Solely on AI to Combat Threats
The growing complexity of cyber threats, paired with limited resources, makes it essential for companies to adopt a more comprehensive approach that combines human vigilance with AI's capabilities.
π΅οΈββοΈ Chrome Extension Compromises Highlight Software Supply Challenges π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Christmas Eve compromise of datasecurity firm Cyberhaven's Chrome extension spotlights the challenges in shoring up thirdparty software supply chains.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Chrome Compromises Highlight Software Supply Challenges
A browser-extension compromise underscores the challenges in protecting companies from rogue browser add-ons and in shoring up software supply chains.
π¦Ώ This Trusted App Helps Sluggish PCs Work Faster π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
CCleaner speeds up sluggish PCs by clearing junk files, fixing registry issues, and optimizing performance.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
This Trusted App Helps Sluggish PCs Work Faster
CCleaner speeds up sluggish PCs by clearing junk files, fixing registry issues, and optimizing performance.
π§ Router reality check: 86% of default passwords have never been changed π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Misconfigurations remain a popular compromise point and routers are leading the way. According to recent survey data, 86 of respondents have never changed their router admin password, and 52 have never adjusted any factory settings. This puts attackers in the perfect position to compromise enterprise networks. Why put the time and effort into creating phishing The post Router reality check 86 of default passwords have never been changed appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Router reality check: 86% of default passwords have never been changed
The rising risk of router attacks, paired with a growing list of unreasonable expectations, creates complex challenges for security teams.
ποΈ New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60% ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model's LLM safety guardrails and produce potentially harmful or malicious responses. The multiturn aka manyshot attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit 42 researchers Yongzhe Huang, Yang Ji, Wenjun Hu, Jay Chen, Akshata Rao, and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Atos Group Denies Space Bears' Ransomware Attack Claims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Atos Group has denied the ransomware group Space Bears' claims of compromising its database, calling the allegations unfounded.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Atos Group Denies Space Bears' Ransomware Attack Claims
Atos Group has denied the ransomware group Space Bears' claims of compromising its database, calling the allegations unfounded
π Crypto Boss Extradited to Face $40bn Fraud Charges π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Former Terraform CEO Do Hyeong Kwon is now in the US facing federal fraud charges.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Crypto Boss Extradited to Face $40bn Fraud Charges
Former Terraform CEO Do Hyeong Kwon is now in the US facing federal fraud charges
π DDoS Disrupts Japanese Mobile Giant Docomo π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Docomo has revealed a DDoS attack on Thursday took down key services.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
DDoS Disrupts Japanese Mobile Giant Docomo
Docomo has revealed a DDoS attack on Thursday took down key services
π Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The amount of crypto stolen in the Web3 ecosystem rose by 31.6 compared to 2023, with phishing the most costly attack vector.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses
The amount of crypto stolen in the Web3 ecosystem rose by 31.6% compared to 2023, with phishing the most costly attack vector
π¦
Cyble Research Reports Critical Vulnerabilities Exposing Routers, Firewalls, and Web Servers π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Cyble Research Intelligence Labs CRIL has released its latest Weekly Vulnerability Insights report, offering a detailed overview of the critical vulnerabilities discovered between December 25, 2024, and December 31, 2024. The report highlights key security threats and vulnerabilities, including the addition of a major exploit to the Cybersecurity and Infrastructure Security Agency CISA Known Exploited Vulnerabilities KEV catalog. The identified vulnerabilities have exposed a range of systems to active exploitation, with attackers leveraging flaws to compromise routers, firewalls, and web servers. During the reporting period, CISA incorporated CVE20243393, a highseverity vulnerability in Palo Alto Networks PANOS, into its KEV catalog. This flaw, which affects the PANOS ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Cyble Weekly Vulnerability Insights Shares New Vulnerabilities
Cyble's Weekly Vulnerability Insights report highlights critical flaws in PAN-OS, D-Link, and other systems, exposing multiple security risks.