VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.
The post VMware Patches High-Severity Code Execution Flaw in Fusion appeared first on SecurityWeek.
SecurityWeek – Read More
An old but persistent email scam known as “sextortion” has a new personalized touch: The missives, which claim that malware has captured webcam footage of recipients pleasuring themselves, now include a photo of the target’s home in a bid to make threats about publishing the videos more frightening and convincing.
This week, several readers reported receiving sextortion emails that addressed them by name and included images of their street or front yard that were apparently lifted from an online mapping application such as Google Maps.
The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all of your contacts unless you pay a Bitcoin ransom. In this case, the ransom demand is just shy of $2,000, payable by scanning a QR code embedded in the email.
Following a salutation that includes the recipient’s full name, the start of the message reads, “Is visiting [recipient’s street address] a more convenient way to contact if you don’t take action. Nice location btw.” Below that is the photo of the recipient’s street address.
A semi-redacted screenshot of a newish sextortion scam that includes a photo of the target’s front yard.
The message tells people they have 24 hours to pay up, or else their embarrassing videos will be released to all of their contacts, friends and family members.
“Don’t even think about replying to this, it’s pointless,” the message concludes. “I don’t make mistakes, [recipient’s name]. If I notice that you’ve shared or discussed this email with someone else, your shitty video will instantly start getting sent to your contacts.”
The remaining sections of the two-page sextortion message (which arrives as a PDF attachment) are fairly formulaic and include thematic elements seen in most previous sextortion waves. Those include claims that the extortionist has installed malware on your computer (in this case the scammer claims the spyware is called “Pegasus,” and that they are watching everything you do on your machine.
Previous innovations in sextortion customization involved sending emails that included at least one password they had previously used at an account online that was tied to their email address.
Sextortion — even semi-automated scams like this one with no actual physical leverage to backstop the extortion demand — is a serious crime that can lead to devastating consequences for victims. Sextortion occurs when someone threatens to distribute your private and sensitive material if you don’t provide them with images of a sexual nature, sexual favors, or money.
According to the FBI, here are some things you can do to avoid becoming a victim:
-Never send compromising images of yourself to anyone, no matter who they are — or who they say they are.
-Don’t open attachments from people you don’t know, and be wary of opening attachments even from those you do know.
-Turn off [and/or cover] any web cameras when you are not using them.
The FBI says in many sextortion cases, the perpetrator is an adult pretending to be a teenager, and you are just one of the many victims being targeted by the same person. If you believe you’re a victim of sextortion, or know someone else who is, the FBI wants to hear from you: Contact your local FBI office (or toll-free at 1-800-CALL-FBI).
Krebs on Security – Read More
Miami, New York, Paris, Worldwide, 3rd September 2024, CyberNewsWire
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Three men plead guilty to running OTP Agency, a website that enabled criminals to bypass banking security and…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better.
darkreading – Read More
Included in the purge are static apps, those with limited functionality and content, and apps that crash, freeze, and don’t offer an “engaging user experience,’’ the company said.
Security | TechRepublic – Read More
A corrupted hard drive no longer need lead to the loss of all your data. Today there are cloud services: mail is stored in Gmail, files in Dropbox, notes in Apple Notes, and so on. But even with cloud services there’s no doing without backup. Instead of corrupted drives, they present other surprises: for example, they might shutter, hike subscription prices, lose your data, or use it to train AI. And if your internet ever goes down, online-only data is useless.
So as not to be caught off guard by sudden unavailability or policy changes, always back up your data on your own computer and protect it against ransomware. And backups need to be both readable and usable without proprietary software. They should be able to either be exported to common standard formats (PDF, HTML), or migrated to a “backup” app that works offline and without a subscription.
There is no universal recipe here: each online service has its own procedure. Today we look at backing up data in Notion — a knowledge base and note-taking app.
Notion lets you export data in one of three formats: PDF, HTML or Markdown+CSV. You can export a single note, a group of notes, or even an entire database. But only business and enterprise subscribers can do a full export to PDF format.
For most apps, we recommend exporting to HTML format, as it’s free, saves all types of data, and can be viewed in any browser with no special software required.
You can do the exporting on a desktop computer or mobile device. For small amounts of data, a ZIP-archive download is immediate; for large amounts, you receive a download link by email — which arrives with some delay.
To export several notes or a subpage, press the advanced menu icon (•••), select Export, specify HTML as the export format, and include subpages and all types of content (Everything).
An entire workspace can be exported from the desktop app or web interface. Go to the settings, and under Workspace → Settings, click Export all workspace content. In addition to the above settings, be sure to enable Create folder for subpages.
Only workspace administrators have this export option. For teamspaces, the export won’t include other users’ personal (hidden) pages created within the teamspace.
Having unzipped the archive on your computer to a separate folder, you can open the index.html file in it with any browser and freely navigate through your notes.
To not only view saved notes but also be able to edit them without Notion, you have to migrate your data to another, similar app that works offline or on a server under your control. The list of possible alternatives to Notion warrants a long read all of its own, so here we’ll limit ourselves to just two apps that Notion users often recommend as a substitute.
Obsidian is an app for structured data storage that can work entirely offline, free of charge. There’s a paid service — Obsidian Sync — for synchronizing multiple devices, but users manage without it by placing the storage (vault) in an iCloud folder, or by using third-party plugins for synchronization with SFTP, Amazon S3, Dropbox or other services.
To migrate data from Notion to Obsidian:
Perform a full export of the Notion workspace as per the above instructions.
Install Obsidian and the official import plugin.
Create a vault in Obsidian for the migrated data.
Activate the installed plugin under Settings → Community plugins in Obsidian.
Start the import via the button on the vertical command bar on the left.
Select Notion (.zip) as the import file format, and in the dialog, specify the ZIP file downloaded during export.
Enable Save parent pages in subfolders.
Press Import.
Wait for the import to finish.
For very large databases, you may encounter problems with importing embedded ZIP files, in which case see the help page on the Obsidian website.
AFFiNE is an open-source app offering a workspace with fully merged docs, whiteboards and databases, replacing, the developers say, both Notion and Miro. The business model is based on paid plans and AI assistants, but the app can work offline and even function as a standalone server wholly on your own infrastructure.
Content export from Notion is built right into the AFFiNE desktop app, so the procedure is quite straightforward:
Perform a full export from Notion.
Unzip the file to a separate folder on your computer.
Install AFFiNE and create a workspace.
Run the import by going to All pages → New Page → More options → Import page.
Choose import from markdown files, and select the html file from the unpacked folder.
Visit the AFFiNE website for a video guide to importing from Notion.
And remember to protect local backups of your important data against stealers and ransomware with the help of Kaspersky Premium.
Kaspersky official blog – Read More
Dutch agency said a database with billions of photos of faces amounted to serious violations of GDPR.
The post Clearview AI Fined $33.7 Million by Dutch Data Protection Watchdog Over ‘Illegal Database’ of Faces appeared first on SecurityWeek.
SecurityWeek – Read More
Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation.
“It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector,” cybersecurity
The Hacker News – Read More
Security researchers have identified six vulnerabilities, including a race condition in the Bluetooth RFCOMM protocol driver that can crash the system, a race condition in the Bluetooth subsystem, and a double-free error in the net/mlx5e module.
Cyware News – Latest Cyber News – Read More
