-
"PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted"The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have disabled, until further notice, the ability for users to register and upload new packages. The volume of malicious…
-
"Android Phones Are Vulnerable to Fingerprint Brute-Force Attacks"A team of researchers from Tencent Labs and Zhejiang University has presented a new attack dubbed 'BrutePrint,' which brute-forces fingerprints on modern smartphones to circumvent user authentication and seize control of the device. Performing brute-…
-
"Malicious Links and Misaddressed Emails Slip Past Security Controls"
According to Armorblox, most organizations use six or more communication tools across channels, with email remaining the most vulnerable channel to attacks (38 percent). Multiple-channel attacks are picking up momentum and gaining frequency, according to…
-
"3 Common Initial Attack Vectors Account for Most Ransomware Campaigns"Most ransomware attackers use one of three primary vectors to infiltrate networks and gain access to organizations' critical systems and data. According to researchers, the most significant vector for successful ransomware attacks in 2022 was the…
-
"Ask the Expert: How New Research Can Help Protect Private Data"As an associate professor in the Department of Computer Science and Engineering at Michigan State University, Dr. Borzoo Bonakdarpour works to prevent the exposure of private information. Well-publicized instances of individuals being hacked due to…
-
"Tech Mandated by Online Safety Bill 'Could Turn Phones Into Surveillance Tools'"According to new research from Imperial College London, the technology mandated by the UK's Online Safety Bill could be used to transform millions of phones into facial recognition tools. Client-Side Scanning (CSS) was examined in regard to its potential…
-
"NATO Member Websites Targeted by Pro-Russian Hackers"
The pro-Russian hacking group UserSec has announced the start of a new cyber campaign targeting and defacing the websites of North Atlantic Treaty Organization (NATO) member countries. On their official UserSec Telegram channel, the group posted an…
-
-
"Congress Looks to Expand CISA’s Role, Adding Responsibilities For Satellites And Open Source Software"Lawmakers recently passed a series of bills to give the Cybersecurity and Infrastructure Security Agency (CISA) new responsibilities when it comes to safeguarding open source software, protecting U.S. critical infrastructure, and expanding the…
-
"KeePass 2.X Master Password Dumper Allows Retrieving the KeePass Master Password"
KeePass 2.X Master Password Dumper is a proof-of-concept (PoC) tool developed by the security researcher Vdohney that retrieves the master password for KeePass. The tool exploits the unpatched vulnerability in KeePass, tracked as CVE-2023-32784, to…
-
"Dark Web ChatGPT Unleashed: Meet DarkBERT"
The snowball effect caused by Large Language Models (LLMs) such as ChatGPT is still in the early stages. Combined with the open-sourcing of other Generative Pre-Trained Transformer (GPT) models, the number of Artificial Intelligence (AI)-based…
-
"FTC to Crack Down on Biometric Tech, Health App Data Privacy Violations"The Federal Trade Commission (FTC) plans to update its Health Breach Notification Rule (HBNR) to clarify language regarding security breaches, user consent, and other functions, which will result in stricter enforcement for developers of consumer-driven…
News