Multi-factor & Risk-based Authentication , Security Operations Calls Grow to Block Browser-Based Password Storage as Malware Comes Calling Mathew J. Schwartz (euroinfosec) • March 1, 2024 Hackers want you to store passwords in browsers. (Image: Shutterstock) Typing passwords is a drag. Ever-helpful browser makers and online services know this and offer to save […]
Governance & Risk Management , Government , Industry Specific Officials Express Concern Over Growing Potential for Chinese Maritime Cyberthreats Chris Riotta (@chrisriotta) • February 29, 2024 The U.S. Coast Guard told a House panel on Feb. 29, 2024, that it’s expanding its cybersecurity capabilities. (Image: Shutterstock) The U.S. Coast Guard is expanding its […]
Eken camera doorbells allow ill-intentioned individuals to spy on you Pierluigi Paganini March 03, 2024 Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. […]
U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and county governments, emergency services, […]
Taiwan’s Defense Ministry is urging Chunghwa Telecom, the the island’s largest telecom company, to improve its cybersecurity following a data breach that compromised government-related information. The hackers, reportedly believed to be backed by the Chinese government, made off with 1.7TB of data following the Chunghwa compromise and have put it all up for sale on […]
Police seized Crimemarket, the largest German-speaking cybercrime marketplace Pierluigi Paganini March 01, 2024 German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforcement operation led to the seizure of the largest German-speaking cybercrime marketplace. “Under the direction of the North Rhine-Westphalia […]
CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 01, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability […]
Mar 02, 2024NewsroomSpyware / Privacy A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant’s ongoing litigation against the Israeli spyware vendor. The decision, which marks a major legal victory for Meta, which filed the lawsuit in October […]
The UK Department for Science, Innovation and Technology (DSIT) has revealed what its future Cybersecurity Governance Code of Practice will look like and the five principals it will include. While the document is undergoing final review, Jack Harrigan, head of cyber governance & accountability at DSIT, shared a glimpse of what final version during the […]