ESET products and research have been protecting Ukrainian IT infrastructure for years. Since the start of the war in February 2022, we have prevented and investigated a significant number of attacks launched by Russia-aligned groups. We have also published some of the most interesting findings on WeLiveSecurity: Even though our main focus remains on analyzing…
Read MoreFeb 23, 2024NewsroomData Privacy / iOS Security Details have emerged about a now-patched high-severity security flaw in Apple’s Shortcuts app that could permit a shortcut to access sensitive information on the device without users’ consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of…
Read MoreDigital Security You would never give your personal ID to random strangers, right? So why provide the ID of your computer? Unsuspecting users beware, IP grabbers do not ask for your permission. 22 Feb 2024 • , 6 min. read A common message that any user of a social platform like Discord might see sometimes…
Read MoreFeb 23, 2024NewsroomPrivacy / Regulatory Compliance The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users’ browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-018 DATE(S) ISSUED: 02/08/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of…
Read MoreApply appropriate updates provided by Juniper to vulnerable systems immediately after appropriate testing. (M1051: Update Software) Safeguard 7.1 : Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard. Safeguard 7.2:…
Read MoreAfter more than two years the Australian government is back to the top five sectors with the most reported data breaches to the Office of the Australian Information Commissioner (OAIC). The Australian government is also the only of the five sectors that had human error as the top cause of data breaches. The Notifiable Data…
Read MoreAfter a year in which AI has become ubiquitous, it’s time to prove that we know how to use it, and to move towards a more professional use of it in our work routine, Check Point CEO Gil Shwed told attendees at the company’s CPX 2024 event in Vienna on Wednesday. The company presented a…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-023 DATE(S) ISSUED: 02/22/2024 OVERVIEW: Multiple vulnerabilities have been discovered in ConnectWise ScreenConnect, the most severe of which could allow for remote code execution. ConnectWise ScreenConnect is ConnectWise’s remote desktop and mobile support solutions to allow technicians to perform remote support, gain remote access and run remote meetings. Successful exploitation of the…
Read MoreA huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week’s disruption of the criminal organisation’s activities. LockBit, which has been operating since 2020, has targeted thousands of victims around…
Read More