Cybersecurity

Chrome adopts app-bound encryption to stymie cookie-stealing malware

Windows users now get macOS-grade secret security Google says it's enhancing the security of sensitive data managed by Chrome for Windows users to fight the scourge of infostealer malware targeting cookies.…

Embedding AI security from the get go

Watch this Palo Alto Networks keynote to understand the importance of visibility, control and governance in AI application and service development Sponsored Post  The dawn of artificial intelligence is upon us, but its development has only just begun.…

‘Error’ in Microsoft’s DDoS defenses amplified 8-hour Azure outage

A playbook full of strategies and someone fumbles the implementation Do you have problems configuring Microsoft's Defender? You might not be alone: Microsoft admitted that whatever it's using for its defensive implementation exacerbated yesterday's Azure instability.…

UK Electoral Commission slapped for basic cybersecurity fails

It took 13 months to notice 40 million voters' data was compromised The UK's Electoral Commission has received a formal slap on the wrist for a litany of security failings that led to the theft of personal data belonging to around 40 million voters.…

DigiCert gives unlucky folks 24 hours to replace doomed certificates after code blunder

For the want of an underscore DigiCert has given some unlucky customers 24 hours to replace their SSL/TLS security certificates it previously issued them – due to a five-year-old blunder in its backend software.…

‘LockBit of phishing’ EvilProxy used in more than a million attacks every month

Leaves a trail of ransomware infections, data theft, business email compromise in its wake Insight  The developers of EvilProxy – a phishing kit dubbed the "LockBit of phishing" – have produced guides on using legitimate Cloudflare services to disguise malicious traffic. This adds to the ever-growing arsenal of…

Ransomware gangs are loving this dumb but deadly make-me-admin ESXi vulnerability

Get those patches applied – all the big dogs are abusing it Do you have your VMware ESXi hypervisor joined to Active Directory? Well, the latest news from Microsoft serves as a reminder that you might not want to do that given the recently patched vulnerability that has…

Proofpoint phishing palaver plagues millions with ‘perfectly spoofed’ emails from IBM, Nike, Disney, others

They DKIM here, they DKIM there A huge phishing campaign exploited a security blind-spot in Proofpoint's email filtering systems to send an average of three million "perfectly spoofed" messages a day purporting to be from Disney, IBM, Nike, Best Buy, and Coca-Cola – all of which are Proofpoint…

Malaysia is working on an internet ‘kill switch’, says minister

Follows requirement for social media and messaging platforms to get a license Legislation for an internet "kill switch" will reach Malaysia’s Parliament in October, according to the country's minister for Law and Institutional Reform.…

Meta’s AI safety system defeated by the space bar

'Ignore previous instructions' thwarts Prompt-Guard model if you just add some good ol' ASCII code 32 Meta's machine-learning model for detecting prompt injection attacks – special prompts to make neural networks behave inappropriately – is itself vulnerable to, you guessed it, prompt injection attacks.…

Copyright © 2024 Lugapel