News
-
"US Police Deployed Obscure Smartphone Tracking Tool With No Warrants"Researchers at the Associated Press (AP) discovered that various law enforcement agencies in Southern California and North Carolina have deployed an obscure cellphone tracking tool dubbed "Fog Reveal," sometimes without search warrants. The…
-
"CVSS Vulnerability Scores Can Be Misleading: Security Researchers"During a new study, security researchers at Flashpoint analyzed 11,860 vulnerabilities in the first six months of 2022. The researchers stated that vulnerability management systems based on the Common Vulnerability Scoring System (CVSS) v2 scoring…
-
"Neopets Hackers Had Network Access for 18 Months"Neopets, a game that lets players create and care for virtual pets inside a fantasy world, has released an "Important Announcement" urging its members to update their passwords and confirming that the company's IT systems were compromised. The…
-
"Ghost Data Increases Enterprise Business Risk"Security researchers at Cyera stated that cloud sprawl is a big issue for organizations, with business teams using cloud systems and services on their own, often without IT oversight. That leads to cloud data sprawl as data is scattered across…
-
"Threat Actor Phishing PyPI Users Identified"A previously unknown group dubbed "JuiceLedger" has been identified as the threat actor behind a recent phishing campaign specifically targeting users of the Python Package Index (PyPI). The threat actor first appeared earlier this year and is focused on…
-
"Researcher Unveils Smart Lock Hack for Fingerprint Theft"A paper recently published by James Cook University Singapore describes how an attacker could covertly harvest fingerprints using off-the-shelf hardware through a smart lock hack technique called droplock. According to author and senior cybersecurity…
-
"Google Chrome Bug Lets Sites Silently Overwrite System Clipboard Content"A security flaw in Google Chrome and Chromium-based alternatives could allow malicious web pages to overwrite clipboard content without user consent or interaction simply by visiting them. According to developer Jeff Johnson, the clipboard poisoning…
-
"Health-ISAC Provides Zero Trust Security Guidance to Healthcare CISOs"The Health Information Sharing and Analysis Center (Health-ISAC) published a guide to help healthcare CISOs better understand and implement zero trust security strategies. Identity and Access Management (IAM), cloud security gateways, data and network…
-
"Privacy-Preserving Camera Captures Only the Objects You Want"Digital cameras are present in embedded in smartphones, smart eyewear, security surveillance systems, autonomous vehicles, facial recognition technologies, and more. As the volume of image data captured by cameras has increased, so have concerns about…
-
"NCSC and Federal Partners Focus on Countering Risk in Digital Spaces During National Insider Threat Awareness Month 2022"The National Counterintelligence and Security Center (NCSC), the National Insider Threat Task Force (NITTF), the Office of the Under Secretary of Defense Intelligence and Security, the Defense Counterintelligence and Security Agency (DCSA), and the…
-
"NSA, CISA, ODNI Release Software Supply Chain Guidance for Developers"The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and the Office of the Director of National Intelligence (ODNI) have released the guide, "Securing the Software Supply Chain for Developers." The guidance is…
-
"Apple Releases Update for iOS 12 to Patch Exploited Vulnerability"Apple has recently released an iOS 12 update for older iPhone and iPad devices, patching a vulnerability that was reportedly exploited by threat actors. According to Apple, the flaw would allow the processing of maliciously crafted web content,…