North Koreans Target Devs Worldwide With Spyware, Job Offers – Dark Reading
DEV#POPPER is back, looking to deliver a comprehensive, updated infostealer to coding job seekers by way of a savvy social engineering gambit. – Read More
Cyber
ESET Reveals Latest Cloud-Native Authentication Solution – Dark Reading
Post Content – Read More
Protect AI Acquires SydeLabs to Red Team Large Language Models – Dark Reading
Post Content – Read More
AI-Driven Executive Impersonations Emerge As Significant Threat to Business Payment Processes – Dark Reading
Post Content – Read More
North Korean cyberspies trick developers into installing malware with fake job interviews – CSO Online
Attackers behind a campaign that targets developers from around the world using fake job interviews have expanded their toolset with an information stealing script that also supports Linux and macOS…
Meta Agrees to $1.4B Settlement With Texas Over Biometric Privacy – Dark Reading
The process took two years, but this is the first successful settlement obtained under Texas’ Capture or Use of Biometric Identifier Act, which forbids the capture of biometric data without…
Siri Bug Enables Data Theft on Locked Apple Devices – Dark Reading
Malicious actors could potentially exploit this vulnerability if they gain physical access to a user’s device. – Read More
Microsoft: Azure DDoS Attack Amplified by Cyber Defense Error – Dark Reading
The sustained cyberattack, likely made worse by a mitigation snafu, disrupted several Azure cloud services for nearly eight hours on July 30. – Read More
Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny – Dark Reading
Two US senators accuse carmakers of deceptive language and shifty practices in sharing and resale of driver data. – Read More
As the skills gap grows, organizations should do these 3 things to enhance resiliency – CSO Online
The cybersecurity industry needs nearly four million professionals to fill vacant roles, and as adversaries advance their tactics, this figure is set to increase. Meanwhile, this skills shortage significantly impacts…
Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research – Dark Reading
The security vulnerabilities, CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396, could lay open proprietary and sensitive research to data thieves. – Read More
DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight – The Hacker News
Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital…
Would Making Ransom Payments Illegal Result in Fewer Attacks? – Dark Reading
If paying a ransom is prohibited, organizations won’t do it — eliminating the incentive for cybercriminals. Problem solved, it seems. Or is it? – Read More
North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS – The Hacker News
The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster,…
Don’t Let Your Domain Name Become a “Sitting Duck” – Krebs on Security
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at…