Author: nlqip

Oct 07, 2024Ravie LakshmananCybersecurity / Weekly Recap Ever heard of a “pig butchering” scam? Or a DDoS attack so big it could melt your brain? This week’s cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it’s too late! ⚡ Threat of…

Read More

Oct 07, 2024Ravie LakshmananOpen Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prior to 1.11.4. “Schema parsing in…

Read More

Oct 07, 2024Ravie LakshmananData Privacy / Advertising Europe’s top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region.…

Read More

Payment platform MoneyGram says there is no evidence that ransomware is behind a recent cyberattack that led to a five-day outage in September. MoneyGram is an American payment and money transfer platform that allows people to send and receive money through an extensive network of 350,000 physical locations in 200 countries or via its mobile app…

Read More

Users were left alarmed this week on receiving unexpected emails from Google Pay stating that they had successfully “added a new card” to their Google account. The notification left users panicking and voicing their concerns on social media amid concerns they had been victims of a compromise. For many, the payment card being referred to had been issued…

Read More

A 21-year-old man from Indiana named Evan Frederick Light pleaded guilty to stealing $37,704,560 worth of cryptocurrency from 571 victims in a 2022 cyberattack. According to an announcement by the U.S. Department of Justice, Light stole the cryptocurrency from an unnamed investment holdings company based in Sioux Falls, South Dakota. In a Statement of Fact…

Read More

Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised. The case concerns a data breach at Financial Business and Consumer Solutions (FBCS), a debt collection agency in the U.S. that partners with various companies…

Read More

Video As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair 04 Oct 2024 Attributing a cyberattack to a specific threat actor is no easy task, as highlighted by new ESET research published this week. ESET experts recently uncovered a new China-aligned APT group that…

Read More

Oct 05, 2024Ravie LakshmananData Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user’s passwords to be read out aloud by its VoiceOver assistive technology. The vulnerability, tracked as CVE-2024-44204, has been described as a logic problem in the new Passwords…

Read More

HACKING 101 BY NO STARCH PRESS Now that Black Friday and Cyber Monday are over, you may still be searching for some great deals. If so, you’ll hardly find a better deal than this one. Humble Bundle has teamed up with the great tech publisher, No Starch Press, to offer deeply discounted hacking e-books for…

Read More