Google, however, refuted the allegations. “We’ve reviewed the research and determined that Chrome’s behavior does not violate Apple’s policy, and the data is not being used for fingerprinting,” a Google spokesperson said. “Instead, this data is being used to ensure proper device functionality.” According to Google, the data being sent off-device is not being derived…
Read More
May 08, 2024NewsroomWeb Security / Vulnerability A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue admin accounts on susceptible websites. The findings come from WPScan, which said that the vulnerability (CVE-2023-40000, CVSS score: 8.3) has been leveraged to set up bogus admin users with…
Read More
In general terms, after exploiting a vulnerability or misconfiguration, the attackers execute a series of infection scripts that prepare the environment, eliminate competing malware, and deploy a cryptomining program and the Kinsing trojan which is used for remote control. These are usually accompanied by a rootkit that’s meant to hide the files and processes of…
Read More
“This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all.” The message is that Microsoft’s priority is no longer ensuring that legacy technology will be accepted and allowed to continue to be acceptable in a modern…
Read More
RSA Conference, San Francisco, May 7, 2024 – Hunters, the pioneer in modern SOC platforms, today announced its full adoption of the Open Cybersecurity Schema Framework (OCSF), coupled with the launch of groundbreaking OCSF-native Search capability. This strategic advancement underscores Hunters’ commitment to standardizing and enhancing cybersecurity operations through open, integrated data sharing frameworks. Uri…
Read MoreApply appropriate updates provided by Google to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard. Safeguard 7.4: Perform…
Read MoreWe recommend the following actions be taken Apply appropriate updates provided by Mozilla to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that…
Read More
Image: DocGo Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data. DocGo is a healthcare provider that offers mobile health services, ambulance services, and remote monitoring for patients in thirty US states and across the United Kingdom. In a Tuesday evening FORM 8-K filing…
Read More
“OFAC’s regulations generally prohibit all dealings by US persons or within the United States (including transactions transiting the United States) that involve any property or interests in property of blocked persons. In addition, persons that engage in certain transactions with the individual designated today may themselves be exposed to designation.” Sanctions may affect ability of…
Read More
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites. LiteSpeed Cache (LS Cache) is advertised as a caching plugin used in over five million WordPress sites that helps speed up page loads, improve visitor experience, and boost Google Search ranking. Automattic’s security…
Read More