Summary of Tech Article: The Security Systems Flaw A new report by Osterman Research, commissioned by Silverfort, reveals a flaw in the deployment of Multi-Factor Authentication (MFA) and Privileged Access Management (PAM) solutions. These solutions are not being comprehensively deployed enough to provide resilience to identity-based threats. Failing to deploy these systems comprehensively can lead
Read More
– Retool, a software development company, fell victim to a social engineering attack leading to a breach of 27 cloud accounts. – The San Francisco firm pointed fingers at a newly introduced Google Account cloud synchronization feature which was launched in April 2023, amplifying the breach. – Retool labelled this Google feature a ‘dark pattern’.
Read More
Cyber Bandit UNC3944 Sails to Ransomware Territory The cyber threat actor UNC3944 is shifting focus to ransomware deployment as a fresh revenue churning strategy. This change signals a stronger inclination towards pilfering large volumes of sensitive data for extortion. UNC3944 appears to have a firm grasp of Western business practices, suggesting a geographic connection to
Read More
The Cryptocurrency Plot Thickens: Lazarus Group Nabs $240m The Lazarus Group, linked with North Korea, has reportedly stolen a whopping $240 million in cryptocurrency since June 2023. Sources like Certik, Elliptic, and ZachXBT suspect the notorious hacking group stole $31 million in digital assets from the CoinEx exchange on September 12, 2023. The thefts from
Read More
Bite-Sized Trouble: TikTok Faced with Hefty GDPR Fine Over Child Data Misuse Major Points of the Story: TikTok handed a €345 million (about $368 million) penalty by the Irish Data Protection Commission (DPC). The fine follows a violation of the European Union’s General Data Protection Regulation (GDPR) in relation to TikTok’s misuse of children’s data.
Read More
Google Patches Exploited Critical Bug in Chrome Browser Google has recently rolled out an out-of-band security patch to fix a significant security breach that was being exploited in Chrome. A heap buffer overflow issue, tracked as CVE-2023-4863, has been found in the WebP image format, which could lead to arbitrary code execution or a browser
Read More
Anatomy of a New Phishing Attack via Facebook Messenger Main points: – A new form of phishing attack is spreading via Facebook Messenger. – The attack originates from a Vietnamese group and uses fake/hijacked personal accounts to send messages. – These messages come with a small yet potent file attachment. – The Python-based stealer contained
Read More
Charming Kiten Targets Israel, Brazil, and U.A.E with New Backdoor Named “Sponsor” In internet espionage, it’s not all about cool names and quirky codenames but Charming Kiten really takes the cake! This Iranian threat actor has been linked to a new wave of cyber-attacks recently targeting entities in Brazil, Israel, and the U.A.E. This time,
Read More
– APIs have grown in popularity due to our increased reliance on web applications and digital platforms. – APIs facilitate communication between different applications, playing a crucial part in modern software development. – The surge in API use has coincided with a rise in API breaches. The Age of APIs: Connecting Our Digital World Remember
Read More
Google Unleashes Privacy Sandbox in Chrome: A Private Measure Four Months in the Making Main Points: * Google’s Privacy Sandbox has officially started its rollout to most of its Chrome web browser users. * The initiative was first announced nearly four months ago by Google. * Google emphasizes the criticality of simultaneously bolstering privacy and
Read MoreNo products in the cart.