Oct 07, 2024The Hacker NewsPassword Security / Data Security The interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly… Read More "Webinar on MFA, Passwords, and the Shift to Passwordless"
E.U. Court Limits Meta’s Use of Personal Facebook Data for Targeted Ads
Oct 07, 2024Ravie LakshmananData Privacy / Advertising Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising… Read More "E.U. Court Limits Meta’s Use of Personal Facebook Data for Targeted Ads"
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The… Read More "Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability"
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
Oct 04, 2024Ravie LakshmananWebsite Security / Vulnerability A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374… Read More "WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks"
U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
Oct 04, 2024Ravie LakshmananPhishing Attack / Cybercrime Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in… Read More "U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown"
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off “over one hundred hyper-volumetric L3/4 DDoS… Read More "Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors"
How to Get Going with CTEM When You Don’t Know Where to Start
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mobilization. Each of… Read More "How to Get Going with CTEM When You Don’t Know Where to Start"
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Oct 03, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other… Read More "North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks"
The Secret Weakness Execs Are Overlooking: Non-Human Identities
For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls… Read More "The Secret Weakness Execs Are Overlooking: Non-Human Identities"
Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks
Oct 03, 2024Ravie LakshmananMobile Security / Technology Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to… Read More "Android 14 Adds New Security Features to Block 2G Exploits and Baseband Attacks"