Security-Enhanced Linux is a kernel security module created by the National Security Agency to provide a mechanism for access control policies. SELinux includes a set of kernel modifications and user tools to help configure access control policies on Linux. SELinux can cause problems with applications that behave outside the norm. Web servers, like Nginx or […]
Developer platform Retool disclosed it suffered a breach last month that involved vishing attack on an employee and affected 27 cloud customers. In a blog post Wednesday, Retool revealed it was targeted in a spear phishing attack on August 27. A threat actor impersonating an IT staff member conducted SMS-based phishing and a successful vishing […]
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices. MVT supports using public indicators of compromise (IOCs) to scan mobile devices for potential traces of targeting or infection by known spyware campaigns. MVT is […]
A ransomware attack on a third-party supplier has compromised the personal details of thousands of officers with Greater Manchester Police (GMP) in North West England. Although neither financial information nor home addresses were exposed in the incident according to GMP, the risk of officers’ personal details being obtained by organized crime groups — including those […]
The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1 […]
Sep 15, 2023THNPrivacy / Online Security Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company’s location-privacy practices misled consumers and violated consumer protection laws. “Our investigation revealed that Google was telling its users one thing – that it would no longer […]
Glitterballs at the ready The mysterious Manzo Edits series is onto volume three, but you don’t need to wait until its release date – September 21 – to get a taste. Vaudafunk, one of the Italian label’s edit crew, has kindly shared his super shiny disco jam ‘Disco Manina’ in full for lucky Juno Daily […]
Sep 15, 2023THNOnline Security / Malware An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims’ credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. “The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by […]
The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they’re uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that […]