Month: August 2024
CVE-2024-7971, which also received a CVSS rating of 8.8 out of 10, was fixed by Google last week in the same release that also patched CVE-2024-7965. Both the flaws were fixed in Chrome version 128.0.6613.84/.85 for Windows/macOS systems and version 128.0.6613.84 Linux users. The other eight vulnerabilities that make up the list of zero-days Google…
Read MoreThe Present and Future of TV Surveillance Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized. Tags: privacy, surveillance, television, tracking Posted on August 27, 2024 at 7:08 AM • 0 Comments Sidebar photo of Bruce Schneier by Joe MacInnis. Source link lol
Read More
A handful of Russian government institutions have partnered up with Standoff 365 and BI.ZONE, which indicates a change in the perception bug bounty programs and the Russian hacking community, which until recently was seen as a threat to security rather than a means of enhancing it. In February 2023, the Ministry of Digital Development enrolled 10 of…
Read More
How to protect your business against phishing A big part of protecting your business, employees, and customers from phishing attacks is by leveraging industry standards and implementing best practices whenever possible. Standards like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC) are all intended to fight the…
Read More
Aug 27, 2024Ravie LakshmananVulnerability / Browser Security Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8…
Read More
Aug 27, 2024Ravie LakshmananAI Security / Vulnerability Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. “ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user…
Read More
Video, Mobile Security The world of Android threats is quite vast and intriguing. In this episode, Becks and Lukáš demonstrate how easy it is to take over your phone, with some added tips on how to stay secure 26 Aug 2024 Android threats are a serious business. Among them is the Blue Ducky script, which…
Read More
Risks from exposed documents In his report Fowler noted that the potential risks of invoice fraud from stolen documents affect both business-to-customer (B2C) and business-to-business (B2B) transactions. “Exposed invoices and internal business documents can potentially serve as a template for criminals to target victims using internal information that only the business and the customer would…
Read More
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. Tracked as CVE-2024-7965 and reported by a security researcher known only as TheDog, the now-patched high-severity vulnerability is described as an inappropriate implementation in Google Chrome’s V8 JavaScript engine that can let remote attackers exploit heap corruption…
Read More
Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. Though the organization did not name the attackers, the RansomHub gang claimed responsibility on August 15, 2024, when they published all of the stolen data on their extortion portal. Patelco is an…
Read More