Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability

Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology.
The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords app impacting a slew of iPhones and iPads. Security researcher Bistrit Daha has been credited with

The Hacker News

MITRE Launches AI Incident Sharing Initiative

The collaboration with industry partners will improve collective AI defenses. Trusted contributors receive protected and anonymized data on real-world AI incidents.

darkreading

How open-source LLMs enable security teams to stay ahead of evolving threats

Open-source LLMs are revolutionizing cybersecurity, serving as a strong catalyst for increasing innovation.

Security News | VentureBeat

Setting Up Your Network Security? Avoid These 4 Mistakes

Learn how to execute the fundamentals, harden your defenses, and protect your business’s network security with no high-tech software.

Security | TechRepublic

Why MFA alone won’t protect you in the age of adversarial AI

While MFA is still critical in identity verification, experts say it should be just a small piece of the authentication process.

Security News | VentureBeat

Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard

The successful disruption of notorious Russian hacker group Star Blizzard’s operations arrives one month out from the US presidential election — one of the APT’s prime targets.

darkreading

iPhone ‘VoiceOver’ Feature Could Read Passwords Aloud

CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features.

darkreading

Insider Threat Damage Balloons as Visibility Gaps Widen

A growing number of organizations are taking longer to get back on their feet after an attack, and they’re paying high price tags to do so — up to $2M or more.

darkreading

DoJ, Microsoft Seize 100 Russian Phishing Sites Targeting US

DoJ and Microsoft seized over 100 sites used by Russian hackers for phishing campaigns targeting the U.S. The…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns

Check Point documented 5,000 emails coming from legitimate-looking organizational domains.

Security | TechRepublic