Android’s New Identity Check Feature Locks Device Settings Outside Trusted Locations

/in

Google has launched a new feature called Identity Check for supported Android devices that locks sensitive settings behind biometric authentication when outside of trusted locations.
“When you turn on Identity Check, your device will require explicit biometric authentication to access certain sensitive resources when you’re outside of trusted locations,” Google said in a post announcing the

The Hacker News – ​Read More

CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday placed a now-patched security flaw impacting the popular jQuery JavaScript library to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The medium-severity vulnerability is CVE-2020-11023 (CVSS score: 6.1/6.9), a nearly five-year-old cross-site scripting (XSS) bug that could be

The Hacker News – ​Read More

War Game Pits China Against Taiwan in All-Out Cyberwar

/in

At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China.

darkreading – ​Read More

Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests

/in

The first team to successfully hack the electric vehicle maker’s charger won $50,000 for their ingenuity.

darkreading – ​Read More

CISA Calls For Action to Close the Software Understanding Gap

/in

Post Content

darkreading – ​Read More

OpenAI says it may store deleted Operator data for up to 90 days

/in

OpenAI says that it might store chats and associated screenshots from customers who use Operator, the company’s AI “agent” tool, for up to 90 days — even after a user manually deletes them. OpenAI has a similar deleted data retention policy for ChatGPT, its AI-powered chatbot platform. However, the retention period for ChatGPT is only […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Chinese PlushDaemon APT Targets S. Korean IPany VPN with Backdoor

/in

Cybersecurity firm ESET uncovers PlushDaemon, a previously unknown APT group targeting South Korea, deploying a SlowStepper backdoor. This…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Cloudflare CDN Bug Outs User Locations on Signal, Discord

/in

Attackers can use a zero- or one-click flaw to send a malicious image to targets — an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive.

darkreading – ​Read More