“The sophisticated nature of this attack and the use of highly future-proof crypto algorithms (Ed448 vs the more standard Ed25519) led many to believe that the attack may be a nation-state level cyberattack,” researchers from security firm JFrog noted in an analysis. Who is affected by the XZ Utils backdoor? The backdoor is present in…
Read MoreThe content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. The intricate world of cybercrime continues to evolve, and with it emerges a disturbing trend known as “digital arrests.” In this scam, fraudsters…
Read MoreCISA released one Industrial Control Systems (ICS) advisory on April 2, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations. Source link lol
Read MoreApr 02, 2024NewsroomFirmware Security / Vulnerability The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when…
Read MoreApr 02, 2024NewsroomCyber Espionage / Threat Intelligence A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. “Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities,” Trend Micro security researcher…
Read MoreOn Tuesday, 26 March, Amazon was supposed to have delivered an iPhone 15 and an accompanying Otterbox case to my home. Amazon said it would require a signature upon delivery. So, I naturally ensured that I was home all day so I could sign for the delivery – which I had spent over £700 on.…
Read MoreCloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What’s more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was above the overall average, at $4.75…
Read More“The Google Chrome settlement is part of a broader trend of consumers filing complaints about their data being used in ways they don’t expect,” said Stephanie Liu, senior analyst at Forrester. “The heart of this lawsuit was about Incognito Mode’s claim of ‘Now you can browse privately.’ (Google updated the language in response to the lawsuit.)…
Read MoreSecuriti Data Command Center DSPM Data Command Center adds a variety of breach and compliance management features to its tool, and it supports data streaming technologies such as Confluent, Kafka, Kinesis, and Google PubSub. It comes with 350 content classifiers that support multiple languages along with more than a thousand pre-defined detection rules. It integrates…
Read MoreApr 02, 2024NewsroomBrowser Security / Data Security Google has agreed to purge billions of data records reflecting users’ browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by tracking…
Read More