Author: nlqip
Oct 07, 2024Ravie LakshmananOpen Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. “Schema parsing in…
Read More
Oct 07, 2024Ravie LakshmananData Privacy / Advertising Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region.…
Read More
Payment platform MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September. MoneyGram is an American payment and money transfer platform that allows people to send and receive money through an extensive network of 350,000 physical locations in 200 countries or via its mobile app…
Read More
Users were left alarmed this week on receiving unexpected emails from Google Pay stating that they had successfully “added a new card” to their Google account. The notification left users panicking and voicing their concerns on social media amid concerns they had been victims of a compromise. For many, the payment card being referred to had been issued…
Read More
A 21-year-old man from Indiana named Evan Frederick Light pleaded guilty to stealing $37,704,560 worth of cryptocurrency from 571 victims in a 2022 cyberattack. According to an announcement by the U.S. Department of Justice, Light stole the cryptocurrency from an unnamed investment holdings company based in Sioux Falls, South Dakota. In a Statement of Fact…
Read More
Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised. The case concerns a data breach at Financial Business and Consumer Solutions (FBCS), a debt collection agency in the U.S. that partners with various companies…
Read More
Video As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair 04 Oct 2024 Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new China-aligned APT group that…
Read More
Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords…
Read More
HACKING 101 BY NO STARCH PRESS Now that Black Friday and Cyber Monday are over, you may still be searching for some great deals. If so, you’ll hardly find a better deal than this one. Humble Bundle has teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking e-books for…
Read More
An important step toward securing the Internet was achieved on December 4, 2020, when President Trump signed an IoT security bill into law. The Internet of Things Cybersecurity Improvement Act of 2020 has been in the works since 2017 and was passed by the U.S. House of Representatives in September 2020 and the U.S. Senate…
Read More