Major industries, including finance, IT, industrial and government sectors, report over two critical security incidents with direct human involvement per day, new research from Kaspersky shows. The Managed Detection and Response Analyst Report for 2023 details that more than one in five (22.9%) of high-severity incidents in 2023 were reported by the government sector, closely … Read more
Popular collaboration tools such as Microsoft Teams, Zoom, Slack and Google may be required to implement end-to-end encryption and interoperability if used by US federal agencies. Legislation put forward by US Senator Ron Wyden, titled as the Secure and Interoperable Government Collaboration Technology Act is looking to boost security for such tools following a number … Read more
Chief Information Security Officers (CISO) are becomingly ever more concerned the increasing use of Generative AI tools could lead to more cybersecurity incidents. A new pape by security experts Metomic surveying more than 400 CISOs in the UK and the US found security breaches linked to generative AI worry almost three-quarters (72%) of the respondents. … Read more
Almost a billion mobile users, holding various devices, could have had their communications revealed to malicious third parties, a report from cybersecurity researchers Citizen Lab claims. It says different device manufacturers have used different keyboard apps which were relaying unencrypted communications, transmitting keystrokes via plaintext, and similar. Tencent QQ Pinyin, Baidu IME, iFlytek IME, Samsung … Read more
Russian state-sponsored threat actors were observed abusing an old printer vulnerability to drop custom malware on target endpoints. The malware helped them exfiltrate sensitive data and login credentials. This is according to a new report from Microsoft Threat Intelligence, published earlier this week. As per the report, since mid-2019, a group known as Fancy Bear … Read more
Hundreds of thousands of WordPress websites are vulnerable to a critical severity flaw which allows threat actors to upload malware to the site through a bug in a plugin. As reported by BleepingComputer, Japan’s CERT recently found a critical severity flaw (9.8) in the Forminator plugin, built by WPMU DEV. The flaw, now tracked as … Read more
iPhone Stolen Device Protection offers increased safety for your accounts and financial information if someone steals your handset and its passcode. Here’s how to activate the security feature that debuted in iOS 17.3, and — more importantly — why you should do it now. Stolen Device Protection: How to activate You don’t have to take … Read more
Google’s wired Nest security camera has dropped to its lowest price to date. The second-gen device is for indoor use and it’s motion sensitive. It’s capable of capturing 1080p HDR video. You can , which is $30 or 30 percent off the regular price of $100, at Amazon if you opt for the fog or … Read more
For weeks now, unidentified threat actors have been leveraging a critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, running arbitrary code on vulnerable firewalls, with root privilege. Multiple security researchers have flagged the campaign, including Palo Alto Networks’ own Unit 42, noting a single threat actor group has been abusing a vulnerability called command … Read more
The Blink Mini 2 home security camera was only announced a month ago, and it’s already on sale. The camera is 25 percent off in both colors — black and white — in a deal on Amazon, bringing the already budget-friendly system down to just $30. The Blink Mini 2 can be used indoors or … Read more