Cybersecurity

Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection | Varonis

Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.   These techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data loss prevention, and SIEMs, by hiding downloads as less suspicious access and sync […]

Cybersecurity

BSAM: Open-source methodology for Bluetooth security assessment – Help Net Security

Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were real tests on devices that attendees – most of them cybersecurity experts – were carrying […]

Cybersecurity

Eken camera doorbells allow ill-intentioned individuals to spy on you

Eken camera doorbells allow ill-intentioned individuals to spy on you Pierluigi Paganini March 03, 2024 Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. […]

Cybersecurity

Qualcomm chip vulnerability enables remote attack by voice call

Qualcomm disclosed a critical vulnerability on New Year’s Day that would allow remote attacks via malicious voice calls over LTE networks. The January 2024 security bulletin lists a total of 26 vulnerabilities, including four critical vulnerabilities, affecting Qualcomm chipsets. Patches have already been made available to original equipment manufacturers (OEMs) whose devices use Qualcomm chips, […]

Cybersecurity

Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems

Two vulnerabilities discovered earlier this year in Atos Unify products could allow malicious actors to cause disruption and even backdoor the targeted system. The flaws were found in the unified communications and collaboration solution by researchers at SEC Consult, an Austria-based cybersecurity consulting firm that is part of the Atos Group’s Eviden business. The vulnerabilities […]

  • 1
  • 2