Many apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited in iOS.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-26 20:06:532024-01-26 20:06:53iPhone Apps Abuse iOS Push Notifications to Collect User Data
The threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional indicators of compromise-based detection ineffective.
The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-26 17:06:342024-01-26 17:06:34Update: Hackers Stole Raw Genotype Data, Health Reports in 23andMe Data Breach
Refined tactics, increased collaboration between groups, and continued success exploiting zero-days is helping ICS ransomware attackers inflict more damage, researchers find.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-26 16:06:422024-01-26 16:06:42CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role
The integration of different disciplines of cybersecurity and fraud management is a necessary evolution in the face of increasingly sophisticated digital threats.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-26 16:06:412024-01-26 16:06:41Redefining Cybersecurity for a Comprehensive Security Posture
Noteworthy stories that might have slipped under the radar: guidance on secure use of AI, HHS grant money stolen by hackers, CISA director target of swatting.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-01-26 14:09:352024-01-26 14:09:35In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
iPhone Apps Abuse iOS Push Notifications to Collect User Data
/in General NewsMany apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited in iOS.
Cyware News – Latest Cyber News – Read More
Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Firms
/in General NewsThe threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional indicators of compromise-based detection ineffective.
Cyware News – Latest Cyber News – Read More
Update: Hackers Stole Raw Genotype Data, Health Reports in 23andMe Data Breach
/in General NewsThe stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
Cyware News – Latest Cyber News – Read More
ICS Ransomware Danger Rages Despite Fewer Attacks
/in General NewsRefined tactics, increased collaboration between groups, and continued success exploiting zero-days is helping ICS ransomware attackers inflict more damage, researchers find.
darkreading – Read More
Pegasus Spyware Targets Togolese Journalists’ Mobile Devices
/in General NewsAn investigation into 2021 intrusions uncovered multiple infections on the phones of journalists in the African country.
darkreading – Read More
CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role
/in General NewsOur collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
darkreading – Read More
Redefining Cybersecurity for a Comprehensive Security Posture
/in General NewsThe integration of different disciplines of cybersecurity and fraud management is a necessary evolution in the face of increasingly sophisticated digital threats.
darkreading – Read More
In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting
/in General NewsNoteworthy stories that might have slipped under the radar: guidance on secure use of AI, HHS grant money stolen by hackers, CISA director target of swatting.
The post In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting appeared first on SecurityWeek.
SecurityWeek – Read More
Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations
/in General NewsCISA informs organizations that Westermo Lynx switches are affected by eight vulnerabilities and some devices are reportedly exposed to the internet.
The post Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations appeared first on SecurityWeek.
SecurityWeek – Read More
Critical Jenkins Vulnerability Leads to Remote Code Execution
/in General NewsA critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code.
The post Critical Jenkins Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek.
SecurityWeek – Read More