September 2024

Google Chrome gets a mind of its own for some security fixes

Browser becomes more proactive about trimming unneeded permissions and deceptive notifications Google has enhanced Chrome's Safety Check so that it can make some security decisions on the user's behalf.…

Transport for London confirms 5,000 users’ bank data exposed, pulls large chunks of IT infra offline

NCA confirms arrest of 17-year-old 'on suspicion of Computer Misuse Act offences' – now bailed Transport for London's ongoing cyber incident has taken a dark turn as the organization confirmed that some data, including bank details, might have been accessed, and 30,000 employees' passwords will need to be…

EU kicks off an inquiry into Google’s AI model

Privacy regulator taking a closer look at data privacy and PaLM 2 The European Union's key regulator for data privacy, Ireland's Data Protection Commission (DPC), has launched a cross-border inquiry into Google's AI model to ascertain if it complies with the bloc's rules.…

About that Windows Installer ‘make me admin’ security hole. Here’s how it’s exploited

What kind of OS can be hijacked by clicking a link at just the right time? Microsoft's In this week's Patch Tuesday Microsoft alerted users to, among other vulnerabilities, a flaw in Windows Installer that can be exploited by malware or a rogue user to gain SYSTEM-level privileges…

Mind your header! There’s nothing refreshing about phishers’ latest tactic

It could lead to a costly BEC situation Palo Alto's Unit 42 threat intel team wants to draw the security industry's attention to an increasingly common tactic used by phishers to harvest victims' credentials.…

Hunters International claims ransom on Chinese mega-bank’s London HQ

Allegedly swiped more than 5.2M files and threatens to publish the lot Ransomware gang Hunters International reportedly claims to have stolen more than 5.2 million files belonging to the London branch of the Industrial and Commercial Bank of China (ICBC), a Chinese state-owned bank and financial service corporation,…

So you paid a ransom demand … and now the decryptor doesn’t work

A really big oh sh*t moment, for sure For C-suite execs and security leaders, discovering your organization has been breached, your critical systems locked up and your data stolen, then receiving a ransom demand, is probably the worst day of your professional life.…

How $20 and a lapsed domain allowed security pros to undermine internet integrity

What happens at Black Hat… While trying to escape the Las Vegas heat during Black Hat last month, watchTowr Labs researchers decided to poke around for weaknesses in the WHOIS protocol. They claim to have found a way to undermine certificate authorities, which the world trusts to keep…

Mind the talent gap: Infosec vacancies abound, but hiring is flat

ISC2 argues security training needs to steer toward what hiring managers want The shortfall between the number of working security professionals and the number of security job openings has reached 4.8 million – a new high, according to cyber security non-profit ISC2.…

India to train 5,000 ‘Cyber Commandos’

Minister reckons dedicated cops necessary to protect digital transactions India has announced a plan to train a specialized wing of 5000 "Cyber Commandos" in the next five years, as part of its efforts to address cyber crime.…

Copyright © 2024 Lugapel