News
-
"Google, Microsoft Can Get Your Passwords via Web Browser's Spellcheck"Extended spellcheck features in Google Chrome and Microsoft Edge web browsers send form data to Google and Microsoft, including Personally Identifiable Information (PII) and, in some cases, passwords. While this is a known and intended feature of these…
-
"Brussels Intends to Propose Guidelines For Connected Devices' Cybersecurity"The European Commission wants to ensure that commonly connected appliances are less vulnerable to cyberattacks by requiring manufacturers to improve security throughout their entire product lifecycles. The Cyber Resilience Act, which was recently…
-
"Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware"Bitdefender, a Romanian cybersecurity firm, has made a decryptor for the LockerGoga ransomware available in collaboration with Europol, the No More Ransom project, and Zürich law enforcement authorities. LockerGoga, discovered in January 2019, made…
-
"Protecting Privacy – And Safety – In Encrypted Messaging"Cornell Tech researchers have created a mechanism for maintaining anonymity in encrypted messaging while also blocking unwanted or abusive messages. The group's paper titled, "Orca: Blocklisting in Sender-Anonymous Messaging," was presented at the 31st…
-
"'Digital Mask' Could Protect Patients' Privacy in Medical Records"Using three-dimensional (3D) reconstruction and deep learning algorithms, a team led by scientists from Cambridge and China was able to erase identifiable features from facial images while keeping disease-relevant features required for diagnosis. Facial…
-
"Securing 5G Open RAN Architecture From Cybersecurity Risks"Through the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published a paper titled, "Open Radio Access Network Security Considerations," which assesses the…
-
"Three Questions About Quantum Computing and Secure Communications"The Biden administration recently published a National Security Memorandum on quantum computing, which warns of the potential dangers of developing quantum computers capable of breaking much of the public-key cryptography used on digital systems.…
-
"North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application"A threat with a North Korean connection has been discovered using a novel spear phishing method involving trojanized versions of the PuTTY SSH and telnet client. Mandiant researchers attributed the new campaign to an emerging threat cluster tracked as…
-
"Vulnerabilities in Aircraft Wireless Network Devices Expose Users to Hacking"Thomas Knudsen and Samy Younsi of Necrum Security Labs discovered two vulnerabilities in Wireless Local Area Network (WLAN) devices commonly used on aircraft. The vulnerabilities were found in the FLEXLAN FXA2000 and FXA3000 series devices from CONTEC Co…
-
"Akamai Stopped New Record-Breaking DDoS Attack in Europe"The cybersecurity and cloud services company Akamai stopped a new record-breaking Distributed Denial-of-Service (DDoS) attack on September 12. DDoS attacks overwhelm servers with fake requests and garbage traffic, rendering them unavailable to legitimate…
-
"School Messaging App Apologizes for 'Inappropriate Image' Sent After Cyberattack"Seesaw is an app used by 10 million teachers, students, and parents across the US. The company released a statement saying it suffered a credential stuffing attack that allowed a malicious actor to send an explicit message using their service. Credential…
-
"Uber Confirms Hack in the Latest Access and Identity Nightmare for Corporate America"Uber confirmed that it had been hacked in what appears to be a damaging compromise of both internal systems and the company's accounts for multiple third-party services. After gaining access to an employee's work account and posting messages advertising…