Sun.Dec 31, 2023

article thumbnail

Google agreed to settle a $5 billion privacy lawsuit

Security Affairs

Google has agreed to settle a $5 billion privacy lawsuit, which alleged that the company monitored individuals using the Chrome “incognito” mode. Google agreed to settle a $5 billion privacy lawsuit over claims that the company monitored online activity of people who used the ‘incognito’ mode in its Chrome web browser. The class action, filed in 2020 by law firm Boies Schiller Flexner, alleges that the IT giant deceived users, leading them to believe their online activiti

article thumbnail

Google Fixes Nearly 100 Android Security Issues

WIRED Threat Level

Plus: Apple shuts down a Flipper Zero Attack, Microsoft patches more than 30 vulnerabilities, and more critical updates for the last month of 2023.

Hacking 140
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

article thumbnail

The Three Keys to Success in Cybersecurity

Security Boulevard

In this episode, host Tom Eston shares the three key lessons he’s learned over his 18-year career in cybersecurity: effective communication, continuous learning, and empathy. He talks about the importance of understanding and reaching both technical and non-technical audiences, the necessity of continuous learning despite your role, and the power of empathy in contributing to […] The post The Three Keys to Success in Cybersecurity appeared first on Shared Security Podcast.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

PingRAT: secretly passes C2 traffic through firewalls using ICMP payloads

Penetration Testing

PingRAT PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. Features: Uses ICMP for Command and Control Undetectable by most AV/EDR solutions Written in Go Use Server Client Download Copyright (C) 2023 The post PingRAT: secretly passes C2 traffic through firewalls using ICMP payloads appeared first on Penetration Testing.

Firewall 111
article thumbnail

New JinxLoader Targeting Users with Formbook and XLoader Malware

The Hacker News

A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook and its successor XLoader. The disclosure comes from cybersecurity firms Palo Alto Networks Unit 42 and Symantec, both of which highlighted multi-step attack sequences that led to the deployment of JinxLoader through phishing attacks.

Malware 110

More Trending

article thumbnail

Android game dev’s Google Drive misconfig highlights cloud security risks

Bleeping Computer

Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. [.

Risk 100
article thumbnail

Apache DolphinScheduler Hit by Severe CVE-2023-49299 Flaw

Penetration Testing

In the rapidly evolving world of data orchestration, Apache DolphinScheduler has emerged as a vanguard, revolutionizing the way we handle complex data workflows. Renowned for its agile, low-code high-performance workflow capabilities, and robust user... The post Apache DolphinScheduler Hit by Severe CVE-2023-49299 Flaw appeared first on Penetration Testing.

article thumbnail

USENIX Security ’23 – Alexander Bienstock, Sarvar Patel, Joon Young Seo, Kevin Yeo ‘Near-Optimal Oblivious Key-Value Stores For Efficient PSI, PSU And Volume-Hiding Multi-Maps’

Security Boulevard

Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel. Permalink The post USENIX Security ’23 – Alexander Bienstock, Sarvar Patel, Joon Young Seo, Kevin Yeo ‘Near-Optimal Oblivious Key-Value Stores For Efficient PSI, PSU And Volume-Hiding Multi-Maps’ appeared first on Security

article thumbnail

Patch Up Your OpenOffice: Four Vulnerabilities You Don’t Want to Ignore

Penetration Testing

In the realm of open-source office software suites, Apache OpenOffice stands as a stalwart, widely acclaimed for its comprehensive array of functionalities ranging from word processing to database management. This versatile suite, available in... The post Patch Up Your OpenOffice: Four Vulnerabilities You Don’t Want to Ignore appeared first on Penetration Testing.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

MS Excel Vulnerability Exploited To Distribute Agent Tesla

Security Boulevard

Threat actors with malicious intent have now been exploiting an old MS Excel vulnerability as part of their phishing campaign. The aim of such exploits is to deliver an infostealer malware dubbed Agent Tesla. As per recent reports, a memory corruption vulnerability is being used as an active part of exploits in an attempt to […] The post MS Excel Vulnerability Exploited To Distribute Agent Tesla appeared first on TuxCare.

article thumbnail

CVE-2023-7163: A Maximum Threat to D-Link D-View’s Network Security

Penetration Testing

D-Link D-View is a network management software suite designed to help businesses and organizations of all sizes monitor, manage, and troubleshoot their wired and wireless networks. A recent discovery has cast a shadow over... The post CVE-2023-7163: A Maximum Threat to D-Link D-View’s Network Security appeared first on Penetration Testing.

article thumbnail

Microsoft Acts Against Malware: MSIX ms-appinstaller Handler Disabled

Penetration Testing

In a digital landscape where cyber threats are constantly evolving, Microsoft’s latest Threat Intelligence report, covering activity since mid-November 2023, sheds light on the sophisticated strategies employed by cybercriminals. The report reveals a disturbing... The post Microsoft Acts Against Malware: MSIX ms-appinstaller Handler Disabled appeared first on Penetration Testing.