iPhone ‘VoiceOver’ Feature Could Read Passwords Aloud – Dark Reading
CVE-2024-44204 is one of two new Apple iOS security vulnerabilities that showcase an unexpected coming together of privacy snafus and accessibility features. – Read More
Cyber
Insider Threat Damage Balloons as Visibility Gaps Widen – Dark Reading
A growing number of organizations are taking longer to get back on their feet after an attack, and they’re paying high price tags to do so — up to $2M…
Microsoft, DOJ Dismantle Russian Hacker Group Star Blizzard – Dark Reading
The successful disruption of notorious Russian hacker group Star Blizzard’s operations arrives one month out from the US presidential election — one of the APT’s prime targets. – Read More
Cybersecurity Is Serious — but It Doesn’t Have to Be Boring – Dark Reading
Thoughtfully applied, humor breaks through security fatigue, increases engagement, and fosters a culture of security awareness. – Read More
U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown – The Hacker News
Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud…
Criminals Are Testing Their Ransomware Campaigns in Africa – Dark Reading
The booming economies of Africa, rich in natural resources and brimming with potential, are attracting not just investors, but also cybercriminals. Here’s why. – Read More
Hackers steal sensitive customer data from thousands of online stores that use Adobe tools – CSO Online
Distinct groups of cybercriminals have been exploiting the CosmicSting flaw in Adobe’s Commerce and Magento software to steal customers’ payment information. According to research by Sansec, miscreants have used the…
DOJ seizes 41 Russian-controlled domains in cyber-espionage crackdown – CSO Online
The US Department of Justice (DOJ) has seized 41 internet domains used by Russian intelligence agents and their allies for cyberattacks on the US. This marks a major move to…
How to Get Going with CTEM When You Don’t Know Where to Start – The Hacker News
Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five…
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors – The Hacker News
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company…
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks – The Hacker News
A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw,…
Nordkoreanische Cyberspione ködern Entwickler – CSO Online
Nordkoreanische Hacker werden immer kreativer, wenn es darum geht, Daten zu ergaunern FOTOGRIN – shutterstock.com Softwareentwickler sind wertvolle Ziele für staatlich unterstützte Angreifer, da ihre Computer oft sensible Informationen und…
Over 80% of phishing sites now target mobile devices – CSO Online
Mobile-targeted phishing (M-ishing) attacks are seeing a significant rise with more than four out of every five phishing sites now specifically targeting mobile devices, according to a report by Zimperium…
DPRK’s APT37 Targets Cambodia With Khmer, ‘VeilShell’ Backdoor – Dark Reading
It’s North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection. – Read More
Thousands of DrayTek Routers at Risk From 14 Vulnerabilities – Dark Reading
Several of the flaws enable remote code execution and denial-of-service attacks while others enable data theft, session hijacking, and other malicious activity. – Read More