Category: Security

January 12, 2024

GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction. Tracked as CVE-2023-7028, the flaw has been awarded the maximum severity of 10.0 on the […]

January 8, 2024

You might not be totally safe from hackers even after you reset your Google password. There was allegedly an exploit in Google cookies that allowed bad actors to access Google services even after users reset their passwords, according to a […]

December 21, 2023

After raising its security game with a feature-packed update in October, our #1 best VPN has just extended its advanced protections to Mac users. ExpressVPN initially unveiled its new adult site tools and ad-blocker across its Windows, iOS, and Android […]

December 19, 2023

Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. “Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and […]

December 12, 2023

Let’s begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it’s the EHR, and the difference is stark: […]

December 11, 2023

The Federal Trade Commission (FTC) warned the public against scanning any old QR code in a consumer alerts blog last week. Naturally, the warning comes down to security and privacy — bad actors can put QR codes in inconspicuous places […]

December 8, 2023

Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals […]

December 7, 2023

Understanding what defines our humanity, recognizing how our qualities can be perceived as vulnerabilities, and comprehending how our minds can be targeted provide the foundation for identifying and responding when we inevitably become the target. The human mind is a […]

December 5, 2023

You no longer have to go to a bank to make a payment, thanks to fintech apps like Venmo and PayPal. Seemingly inspired by these apps, the internet is now filled with dangerous SpyLoan apps that pretend to be there […]

December 4, 2023

It’s been over 10 years since Shannon Lietz introduced the term DevSecOps, aiming to get security a seat at the table with IT developers and operators. The question is, how far has security come since then? Do DevSecOps teams have […]

November 30, 2023

According to fraud control platform Arkose Labs, a staggering 73 percent of Internet traffic to websites and apps measured between January 2023 and September 2023 was related to bots performing malicious activities like SMS toll fraud, scraping, and card testing. […]

November 30, 2023

Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial intelligence (AI) techniques to generate or create new data, such as images, text, or sounds. It has gained significant attention […]

November 30, 2023

Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper […]

November 22, 2023

A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product […]

November 17, 2023

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. […]

November 15, 2023

Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are […]

November 13, 2023

Since the proliferation of large language models (LLMs), like OpenAI’s GPT-4, Meta’s Llama 2, and Google’s PaLM 2, we have seen an explosion of generative AI applications in almost every industry, cybersecurity included. However, for a majority of LLM applications, […]

November 13, 2023

Effective marketing operations today are driven by the use of Software-as-a-Service (SaaS) applications. Marketing apps such as Salesforce, Hubspot, Outreach, Asana, Monday, and Box empower marketing teams, agencies, freelancers, and subject matter experts to collaborate seamlessly on campaigns and marketing […]

November 8, 2023

Oracle is open-sourcing Jipher, a Java Cryptography Architecture (JCA) provider built for security and performance that has been used by the company’s cloud platform, the company said on November 7. Jipher was developed for environments with FIPS (Federal Information Processing […]

November 6, 2023

Bug hunters at the VMware Threat Analysis Unit (TAU) discovered 34 unique vulnerable Windows drivers, with 237 different file hashes belonging to legacy devices. Even though many of these drivers have revoked or expired security certificates, companies and other organizations […]