Google Chrome’s uBlock Origin Purge Has Begun
Plus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs.
Security Latest – Read More
Acronym Overdose – Navigating the Complex Data Security Landscape
In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms
The Hacker News – Read More
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain.
“The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,”
The Hacker News – Read More
The Disinformation Warning Coming From the Edge of Europe
Moldova is facing a tide of disinformation unprecedented in complexity and aggression, the head of a new center meant to combat it tells WIRED. And platforms like Facebook, TikTok, Telegram and YouTube could do more.
Security Latest – Read More
Southeast Asia reiterates pledge to collaborate amid growing cyber threats in AI era
ASEAN member states now have a physical CERT facility located in Singapore to exchange threat intel and best practices.
Latest stories for ZDNET in Security – Read More
MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.
darkreading – Read More
Time to Get Strict With DMARC
Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.
darkreading – Read More
CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches
A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches.
darkreading – Read More
ESET-Branded Wiper Attack Targets Israel; Firm Denies Compromise
The security firm is denying an assessment that its systems were compromised in Israel by pro-Palestinian cyberattackers, but acknowledged an attack on one of its partners.
darkreading – Read More
Vulnerabilities, AI Compete for Software Developers’ Attention
This year, the majority of developers have adopted AI assistants to help with coding and improve code output, but most are also creating more vulnerabilities that take longer to remediate.
darkreading – Read More