As tool emerges to probe OS feature's SQLite-based store of user activities Asked to explore the data privacy issues arising from Microsoft Recall, the Windows maker's poorly received self-surveillance tool, Jaime Teevan, chief scientist and technical fellow at Microsoft Research, brushed aside concerns.... [...]
Beware of zero-click malware sliding into your DMs Miscreants exploited a zero-day in TikTok to compromised the accounts of CNN and other big names. The app maker has confirmed there was a cyberattack, and that it has scrambled to secure accounts and prevent any further exploitation.... [...]
Malware code potentially sold off, tweaked, back at it infecting victims RansomHub, a newish cyber-crime operation that has claimed to be behind the theft of data from Christie's auction house and others, is "very likely" some kind of rebrand of the Knight ransomware gang, according to threat hunters.... [...]
That backdoor's not meant to be there? Zyxel just released security fixes for two of its obsolete network-attached storage (NAS) devices after an intern at a security vendor reported critical flaws months ago.... [...]
Public officials allegedly bribed to allow extradition-dodging travel Four arrests were made this week as part of an international probe into two overlapping corruption schemes that allowed cybercrims on INTERPOL watch lists to travel freely without flagging any alerts.... [...]
Let customers interfere with other tenants? That's our cloud working by design, Redmond seems to say A vulnerability — or just Azure working as intended, depending on who you ask — in Microsoft's cloud potentially allows miscreants to wave away firewall rules and access other people's private web resources.... [...]
In the Navy, no, you cannot have an unauthorized WLAN. In the Navy, no, that's not a good plan The US Navy has cracked down on an illicit Wi-Fi network installed on a combat ship by demoting the senior enlisted leader who ordered it to be set up.... [...]
Meanwhile Mr Smith goes to Washington to testify before Congress The Pentagon is "doubling down" on its investment in Microsoft products despite the serious failings at the IT giant that put America's national security at risk, say two US senators.... [...]
Pathology lab provider targeted, affecting blood transfusions and surgeries Hospitals in London are struggling to deliver pathology services after a ransomware attack at a service partner downed some key systems.... [...]
Pathology lab provider targeted, affecting blood transfusions and surgeries Hospitals in London are struggling to deliver pathology services after a ransomware attack at a service partner downed some key systems.... [...]
Experts say auctioning the auctioneer’s data is unlikely to have been genuinely successful The cybercrims who claimed the attack on Christie's fancy themselves as auctioneers as well, after they allegedly sold off the company's data to the highest bidder instead of leaking everything on the dark web.... [...]
Privacy group seeks clarification of whether EU data protection law has been breached A privacy campaign group with a strong record in legal upheavals has asked the Austrian data protection authority to investigate Microsoft 365 Education to clarify if it breaches transparency provisions under GDPR.... [...]
Some of the biggest names in the game are hopping on the trend Malware miscreants are increasingly showing a penchant for abusing legitimate, commercial packer apps to evade detection.... [...]
Cloud storage giant lawyers up against infosec house Analysis Hudson Rock, citing legal pressure from Snowflake, has removed its online report that claimed miscreants broke into the cloud storage and analytics giant's underlying systems and stole data from potentially hundreds of customers including Ticketmaster and Santander Bank.... [...]
Aims to get CVE logjam cleared by the end of FY 24 Facing a growing backlog of reported flaws, NIST has extended a commercial contract with an outside consultancy to help it get on top of its National Vulnerability Database (NVD).... [...]
Turns out opting out actually works? Billions of records detailing people's personal information may soon be dumped online after being allegedly obtained from a Florida firm that handles background checks and other requests for folks' private info.... [...]
Featuring Tom Cruise deepfakes and multiple made-up terrorism threats Still throwing toys out the pram over its relationship with international sport, Russia is engaged in a multi-pronged disinformation campaign against the Olympic Games and host nation France that's intensifying as the opening ceremony approaches.... [...]
Also, free pianos are the latest internet scam bait, Cooler Master gets pwned, and some critical vulnerabilities Infosec in brief Cybersecurity software vendor Check Point is warning customers to update their software immediately in light of a zero day vulnerability under active exploitation.... [...]
How to strengthen cyber risk management for cyber physical systems (CPS) Webinar Can organizations ever scale back on the relentless task of identifying, prioritizing, and remediating vulnerabilities, and misconfigurations across their industrial and critical infrastructure environments?... [...]
The fusion of Lidar, radar, and cameras can be fooled by stuff from your kids' craft box A team of researchers from prominent universities – including SUNY Buffalo, Iowa State, UNC Charlotte, and Purdue – were able to turn an autonomous vehicle (AV) operated on the open sourced Apollo driving platform …
Use Baidu's platform to show how the fusion of Lidar, radar, and cameras can be fooled by stuff from your kids' craft box A team of researchers from prominent universities – including SUNY Buffalo, Iowa State, UNC Charlotte, and Purdue – were able to turn an autonomous vehicle (AV) operated on …
Who needs experts when you have an army of hand-picked super users telling you what you want to hear? Twitch has reportedly dismantled its Safety Advisory Council, and apparently plans to replace the panel with chosen "ambassadors."... [...]
Infosec house claims Ticketmaster, Santander hit via cloud storage Infosec analysts at Hudson Rock believe Snowflake was compromised by miscreants who used that intrusion to steal data on hundreds of millions of people from Ticketmaster, Santander, and potentially other customers of the cloud storage provider. Snowflake denies its security …
Similar cases have resulted in serious sanctions, and they were on a far smaller scale Serial tech and digital privacy critic Senator Ron Wyden (D-OR) laid into UnitedHealth Group's (UHG) CEO for appointing a CISO Wyden deemed "unqualified"– a decision he claims likely led to its ransomware catastrophe of …
Follows arrests and takedowns of recent days After the big dog revelations from the past week, the cops behind Operation Endgame are now calling for help in tracking down the brains behind the Emotet operation.... [...]