Cybersecurity

WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics

And it only took four months, tut WhatsApp has fixed a problem with its View Once feature, designed to protect people's privacy with automatically disappearing pictures and videos.…

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

ShinyHunters-linked heist thought to have been ongoing since March Exclusive  A massive online heist targeting AWS customers during which digital crooks abused misconfigurations in public websites and stole source code, thousands of credentials, and other secrets remains "ongoing to this day," according to security researchers.…

OpenWrt orders router firmware updates after supply chain attack scare

A couple of bugs lead to a potentially bad time OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week.…

Microsoft dangles $10K for hackers to hijack LLM email service

Outsmart an AI, win a little Christmas cash Microsoft and friends have challenged AI hackers to break a simulated LLM-integrated email client with a prompt injection attack – and the winning teams will share a $10,000 prize pool.…

How Chinese insiders are stealing data scooped up by President Xi’s national surveillance system

'It's a double-edged sword,' security researchers tell The Reg Feature  Chinese tech company employees and government workers are siphoning off user data and selling it online - and even high-ranking Chinese Communist Party officials and FBI-wanted hackers' sensitive information is being peddled by the Middle Kingdom's thriving illegal…

Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+

Microsoft's OS sure loves throwing your creds at remote systems Updated  Acros Security claims to have found an unpatched bug in Microsoft Windows 7 and onward that can be exploited to steal users' OS account credentials.…

Facing sale or ban, TikTok tossed under national security bus by appeals court

Video slinger looks to Supremes for salvation, though anything could happen under Trump A US federal appeals court has rejected a challenge to the law that prevents popular apps that collect data on Americans from being controlled by a foreign adversary.…

Salt Typhoon forces FCC’s hand on making telcos secure their networks

Proposal pushes stricter infosec safeguards after Chinese state baddies expose vulns The head of America's Federal Communications Commission (FCC) wants to force telecoms operators to tighten network security in the wake of the Salt Typhoon revelations, and to submit an annual report detailing measures taken.…

Badass Russian techie outsmarts FSB, flees Putinland all while being tracked with spyware

Threatened with life in prison, Kyiv charity worker gives middle finger to state spies A Russian programmer defied the Federal Security Service (FSB) by publicizing the fact his phone was infected with spyware after being confiscated by authorities.…

Protect your clouds

Get best practice advice on how to safeguard your cloud infrastructure from SANS Sponsored Post  According to the 2024 IBM Cost of the Data Breach Report 40 percent of data breaches identified between March 2023 and February 2024 involved data stored across multiple environments, including the cloud.…

Copyright © 2024 Lugapel