News
-
"Facebook (Meta) To Settle Cambridge Analytica Data Leak for $725M"Facebook (Meta) has agreed to pay $725 million to settle a 2018 class-action lawsuit over the Cambridge Analytica data leak. The proposed settlement is the highest ever reached in a US data privacy class-action, according to the plaintiffs' lawyers. The…
-
"Microsoft Fined $64 Million by France Over Cookies Used in Bing Searches"In an effort to enforce Europe's stricter data protection law, France's privacy authority fined Microsoft $64 million for not providing clear enough instructions for users to reject cookies used for Internet advertisements. CNIL, France's digital privacy…
-
"North Korean Hackers Targeted Nearly 1,000 South Korean Foreign Policy Experts"South Korean authorities believe North Korean hackers working for the government have recently targeted at least 892 foreign policy experts in the country. The authorities noted that the efforts focused on members of think tanks and academics,…
-
"DPRK Hackers Steal NFTs Using Phishing Websites"Hackers from the Democratic People's Republic of Korea (DPRK) created hundreds of phishing websites that imitate popular Non-Fungible Token (NFT) platforms and Decentralized Finance (DeFi) marketplaces. According to the blockchain security firm SlowMist…
-
"Linux Fixes Maximum-Severity Kernel Vulnerability"A kernel-level security vulnerability that affects Server Message Block (SMB) servers has been addressed by a Linux update. The Remote Code Execution (RCE) bug allowed unauthenticated users to execute kernel-level code and was assigned the highest…
-
"Critical Vulnerability in Premium Gift Cards WordPress Plugin Exploited in Attacks"Security researchers that are a part of Defiant’s Wordfence team have discovered a critical-severity vulnerability in the YITH WooCommerce Gift Cards premium WordPress plugin. This vulnerability is currently being exploited in attacks. The…
-
"Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes"A security flaw rated high in severity was found in the Kyverno admission controller for container images that could enable threat actors to import malicious code into cloud-based production systems. The admission controller Kyverno provides a signature…
-
"Enterprises Waste Money on Identity Tools They Don't Use"According to One Identity, misguided company investments in numerous identity tools are insufficient in defending against the current threat landscape. Ninety-six percent of businesses use several identity management technologies, with 41 percent using…
-
"Hacker Claims to Be Selling Twitter Data of 400 Million Users"A threat actor named Ryushi claims to be selling the public and private information of 400 million Twitter users scraped in 2021 via a now-patched Application Programming Interface (API) flaw. They are selling the alleged data dump on the Breached…
-
"GuLoader Malware Utilizing New Techniques to Evade Security Software"CrowdStrike researchers have uncovered a vast array of strategies used by the powerful malware downloader GuLoader to circumvent security protection. Researchers Sarang Sonawane and Donato Onofri of CrowdStrike said in a technical write-up that a new…
-
"Software Bills of Material Face Long Road to Adoption"There are few areas of consensus within the community of cybersecurity specialists and researchers. One of the few exceptions is the requirement for more widespread usage of Software Bills of Materials (SBOMs), a tool that lists a software's components.…
-
"Metaverse Security Concerns Coming Into Focus as Businesses Plan For 'Virtual Reality' Futures"The metaverse refers to Internet-connected Virtual Reality (VR). This technology will be accessible to anyone, and numerous businesses will likely use it to introduce their products and services. A new analysis conducted by Tenable examines the risks…