Despite the progress in improving cybersecurity posture, the United States still faces various threats, including ransomware attacks, cyberattacks on critical infrastructure, and the growing use of artificial intelligence in malicious activities.
Cyware News – Latest Cyber News – Read More
The two vulnerabilities, an SQL injection flaw (CVE-2024-26026) and an OData injection vulnerability (CVE-2024-21793), could allow attackers to gain admin control and create hidden rogue accounts on managed assets.
Cyware News – Latest Cyber News – Read More
Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access.
The post Zscaler Investigates Hacking Claims After Data Offered for Sale appeared first on SecurityWeek.
SecurityWeek – Read More
For the 346th episode of the Kaspersky Transatlantic Cable Podcast, Jag and I dive into a handful of stories that tie back to disinformation, privacy, people persisting, before ending with the WTF story of the week (and perhaps year).
We kick things off discussing WhatsApp and encryption, but more importantly how the app’s boss understands that it is being used – even in countries where there are bans on the popular messenger app. From there, we jump into the story from last week that impacts users of DropBox. After covering what it is, we discuss some safety measures that can be used by people using the service.
For our third story, we dive into the world of TikTok. While the US ban may be top of mind, we are actually crossing the world to discuss a recent phenomenon on the app that ties back to North Korea. It isn’t a hack, but rather an odd case of a propaganda song from the country going viral on the popular platform. Who would have thought that disinformation could go viral? But hey, I guess the beat slaps (as the kids say).
After that bit of head scratching, we head back to the US where recent research has shown that phishing sites impersonating the USPS are getting almost as much traffic as the real site. To close things out, we dive into AI and porn. More specifically, a new app being advertised on PornHub that allows anyone with the app to see any person neked, with the help of AI and without consent.
If you liked what you heard, please consider subscribing.
Tens of millions secretly use WhatsApp despite bans
Dropbox says hackers stole customer data, auth secrets from eSignature service
Why North Korea’s latest propaganda bop is a huge TikTok hit
US Post Office phishing sites get as much traffic as the real one
Pornhub’s Nonconsensual ‘Nudify’ Ad
Kaspersky official blog – Read More
Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices and create hidden rogue administrator accounts for persistence.
The remotely exploitable flaws “can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next
The Hacker News – Read More
An attacker accessed personal information of over 225,000 active, reserve, and former UK military members from third-party payroll processing system.
darkreading – Read More
Iran follows in Russia’s disinformation footsteps but with a different, more economical, and potentially higher-impact model.
darkreading – Read More
Post Content
darkreading – Read More
Post Content
darkreading – Read More
Post Content
darkreading – Read More