NIST is seeking public feedback on the draft guidelines, which can be submitted via email until October 7. The goal is to promote sensible password practices that enhance security without burdening users or compromising their online identity.
Cyware News – Latest Cyber News – Read More
A watering hole attack targeted Kurdish websites, distributing malicious APKs and spyware, compromising 25 sites for over a year. French cybersecurity firm Sekoia uncovered the campaign called SilentSelfie, delivering various info-stealers.
Cyware News – Latest Cyber News – Read More
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users’ passwords in plaintext in its systems.
The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union’s
The Hacker News – Read More
Gavin Newsom vetoed a landmark bill SB 1047 aimed at establishing first-in-the-nation safety measures for large artificial intelligence models.
The post California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures appeared first on SecurityWeek.
SecurityWeek – Read More
Plus: The US Justice Department indicts three Iranians over Trump campaign hack, EU regulators fine Meta $100 million for a password security lapse, and the Tor Project enters a new phase.
Security Latest – Read More
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months.
The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick unsuspecting users into downloading it.
“Fake
The Hacker News – Read More
HPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211.
Cyware News – Latest Cyber News – Read More
The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks.
Cyware News – Latest Cyber News – Read More
The vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners.
Cyware News – Latest Cyber News – Read More
The Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique.
Cyware News – Latest Cyber News – Read More