News
-
"Microsoft Patches Azure Cross-Tenant Data Access Flaw"Microsoft has recently silently fixed an important-severity security flaw in its Azure Container Service (ACS) after an external researcher warned that a buggy feature allowed cross-tenant network bypass attacks. The vulnerability effectively…
-
"Military Branches Losing Expensive Cyber Talent to the Private Sector, Watchdog Says"According to a report released by the Government Accountability Office (GAO), the Department of Defense (DOD) spends hundreds of thousands of dollars training military personnel to complete advanced cyber courses, but not all armed forces have…
-
"Even the FBI Says You Should Use an Ad Blocker"The FBI issued a warning that cybercriminals are using Internet ads in search results to steal or extort money from victims. In a pre-holiday public service announcement, the FBI stated that cybercriminals are purchasing ads to spoof real brands such as…
-
"President Biden Signs Quantum Cybersecurity Preparedness Act into Law"US President Joe Biden has recently signed the Quantum Computing Cybersecurity Preparedness Act into law. The law is designed to secure the federal government systems and data against the threat of quantum-enabled data breaches ahead of "Q Day,"…
-
"Cisco Talos Report: Threat Actors Use Known Excel Vulnerability"Some cybercriminals have traditionally targeted Microsoft Office files, specifically Excel and Word documents. Attackers have used embedded Visual Basic for Applications (VBA) macros to infect computers with various types of malware for cybercrime and…
-
"Google Expands Open-Source Software Portfolio With New Privacy Capabilities"Google has announced two open-source solutions to help organizations more easily process user data in accordance with privacy requirements. The first technology is called Magritte, which blurs items in videos, such as license plates. The other is a new…
-
"Vice Society Ransomware Gang Is Using a Custom Locker"Researchers from SentinelOne found that the Vice Society ransomware group has begun custom ransomware involving a powerful encryption strategy, which utilizes the NTRUEncrypt and ChaCha20-Poly1305 algorithms. Since June 2021, Vice Society ransomware has…
-
"Study Finds AI Assistants Help Developers Produce Code That's More Likely to Be Buggy"Stanford University computer scientists have discovered that programmers who accept assistance from Artificial Intelligence (AI) tools such as GitHub Copilot write less secure code than those who do not. In a paper titled, "Do Users Write More Insecure…
-
"BetMGM Confirms Breach as Hackers Offer to Sell Data of 1.5 Million Customers"MGM Resorts-owned online sports betting company BetMGM recently confirmed that it suffered a data breach the same day hackers offered to sell a database containing the information of 1.5 million BetMGM customers. BetMGM said, “patron records were…
-
"Killnet Targeted US Healthcare Sector Organization"The US Department of Health and Human Services Cybersecurity Coordination Center (HC3) says that the pro-Russian threat actor group Killnet has tried to achieve its political goals by targeting American hospitals and healthcare groups. After Russia…
-
"Threat Predictions for 2023: From Hacktivism to Cyberwar"Trellix forecasts an increase in geopolitically motivated attacks across Asia and Europe in 2023, as well as hacktivism spurred by tensions between competing political parties and vulnerabilities in core software supply chains. In cybersecurity,…
-
"Google WordPress Plug-in Bug Allows AWS Metadata Theft"A Server-Side Request Forgery (SSRF) vulnerability in the Google Web Stories plugin for WordPress could be exploited to obtain Amazon Web Services (AWS) metadata from sites hosted on the AWS server. This metadata may contain sensitive data such as…