Cybersecurity

Two Harvard students took Meta’s commercially available Ray Ban smart glasses and built facial recognition software that automatically looks up someone’s face and identifies them, including personal information. Read it at @404mediaco@mastodon.social (Registration may be required). #Meta #SmartGlasses #Cybersecurity #Tech #Technology https://flip.it/WDXr7Z

The UN General Assembly recently approved the Pact For the Future, a declaration pledging concrete actions toward a safer, more peaceful, sustainable, and inclusive future.

The Pact includes a worldwide commitment to ensure that digital technologies contribute to sustainable development and human rights, while addressing risks like digital divides, #cybersecurity, and misuse of technology.

How do you think this will impact you in the next 5-10 years?

https://www.un.org/global-digital-compact/en #OpenSource #OSS

The FCC announced a $31.5 million settlement with T-Mobile over multiple data breaches that compromised the personal information of millions of U.S. consumers from 2021-2023. More from @BleepingComputer@infosec.exchange. #FCC #TMobile #Cybersecurity #Tech https://flip.it/MGWkCJ

Disclosing details of a #vulnerability I discovered 1 year ago:

N-able Ecosystem Agent Improper Certificate Validation #CVE_2024_5445 vulnerability leads to #RCE as SYSTEM user.

Vulnerability details: https://sintonen.fi/advisories/n-able-ecosystem-agent-improper-certificate-validation.txt

N-able has rated this vulnerability CVSS 3.8, but the practical impact of this vulnerability is grave as it allows attackers in privileged network position to fully compromise vulnerable systems. While arguing for such low score N-able presentative stated that: "The vulnerability reported does not constitute an RCE, the Ecosystem agent is designed to run installation packages in a privileged context and the agent is doing what it should do when it receives such packages to install over the APIs."

I think this is somewhat disingenuous.

#infosec #cybersecurity

Critical printing system bugs affect hundreds of thousands of Linux machines⤵️
#Linux #cybersecurity #technology #infosec

https://cnews.link/critical-printing-system-bugs-linux-affected/

FBI warns of sophisticated Iranian hackers targeting personal accounts⤵️
#FBI #cybersecurity #Iran #infosec #hacking

https://cnews.link/iranian-hackers-targeting-personal-accounts/

The Irish Data Protection Commission has fined Meta with a $101.5 million penalty after investigating a 2019 security breach in which the company mistakenly stored users' passwords in plain text. Via @Engadget. #Meta #Cybersecurity #Tech #Technology https://flip.it/ZD45rD

Security researchers have found a set of vulnerabilities that could allow bad actors to hack into Kia vehicles made after 2013.

#Kia #hack #vulnerabilities #CyberSecurity #datasecurity #infosec

https://cnews.link/hackers-could-exploit-kia-vulnerabilities-3/

A group of independent security researchers were able to scan virtually any internet-connected Kia vehicle’s license plate and within seconds gain the ability to track that car’s location, unlock the car, honk its horn, or start its ignition at will. More from @WIRED (Subscription may be required). #Kia #Hack #Tech #Technology #Cybersecurity https://flip.it/2fswDC

CISA has warned that hackers continue to be capable of compromising industrial control systems using "unsophisticated methods" - suggesting that much more still needs to be done to secure them properly.

Meanwhile, hackers claim to have changed chlorine levels at Lebanese water facilities...

Read more in my article on the Tripwire blog: https://www.tripwire.com/state-of-security/cisa-warns-hackers-targeting-industrial-systems-unsophisticated-methods

#cybersecurity #ics #ot #wws

The Donald Trump presidential campaign has been aware of a hack since mid-August.

#Trump #hack #Iran #cybersecurity #infosec

https://cnews.link/trump-campaign-hack-iran-ongoing-3/

Deepfake Ukrainian diplomat targeted US senator on Zoom call.

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/deepfake-ukrainian-diplomat-targeted-us-senator-on-zoom-call/

#cybersecurity #deepfake

Microsoft has discovered a new threat actor that previously operated as an affiliate for other ransomware-as-a-service gangs.

#Microsoft #ransomware #CyberAttack #CyberSecurity #infosec

https://cnews.link/former-affiliate-upgrades-and-launches-its-own-attacks-1/

Gemini, a powerful Google Workspace AI assistant, can be manipulated to produce misleading or malicious unintended responses.

#Google #Gemini #AI #CyberSecurity #infosec

https://cnews.link/hidden-prompts-emails-docs-google-gemini-haywire-3/

Losses from hacks and fraud in the crypto industry decreased significantly in the third quarter of this year compared to Q3 of 2023.

#cyrpto #hack #fraud #CyberSecurity #infosec

https://cnews.link/fewer-losses-crypto-hacks-2/

The US Treasury Department has announced sanctions against several Russian crypto companies.

#US #Crypto #CyberSecurity #ransomware #infosec

https://cnews.link/us-sanctions-russian-crypto-exchanges-ransomware-2/

When UK rail stations' Wi-Fi was defaced by hackers the only casualty was the truth.

Read more in my article on the Bitdefender blog: https://www.bitdefender.com/blog/hotforsecurity/when-uk-rail-stations-wi-fi-was-defaced-by-hackers-the-only-casualty-was-the-truth/

#cybersecurity #hacking

Handala Hack leaked 60,000 thousand ‘secret emails’ allegedly belonging to Gabriel "Gabi" Ashkenazi and exposed Benny Gantz.

#Israeli #dataleak #DataSecurity #CyberSecurity #infosec

https://cnews.link/pro-palestinian-hackers-claim-hacked-israeli-politicians-1/

Run to the hills! Run to the hills! Pull the communication cord!

Oh, hang on... it's just some kids who've defaced a hotspot login page...

#cybersecurity #hype

Malicious attackers are trying to capitalize on public interest surrounding charges against the rap star Sean “Diddy” Combs.

#hackers #SeanCombs #Malware #CyberSecurity #infosec

https://cnews.link/hackers-hiding-malware-in-fake-deleted-diddy-files-1/

▪️ @cybernews@infosec.exchange research ▪️ A massive leak has exposed 95 million records belonging to French citizens.

#cybersecurity #dataleak #datasecurity #infosec #France

https://cnews.link/french-records-exposed-mysterious-data-hoarder/

MoneyGram is making some progress restoring operations after a full-blown cyberattack incapacitated its networks over the weekend.

#MoneyGram #US #cyberattack #cybersecurity #infosec

https://cnews.link/moneygram-cyberattack-outage-unprocessed-payments-3/

Cybersecurity executives say they are taking legal steps to protect themselves from “unprecedented” pressures of a shifting threat landscape.

#AI #CyberSecurity #threats #infosec

https://cnews.link/ai-threats-pushing-cyber-pros-1/

Cyber Pros need to turbocharge their skills with AI if they want to stay competitive.

#AI #hackers #CyberSecurity #infosec

https://cnews.link/ai-makes-ethical-hackers-twice-as-productive-1/

Two men arrested one month after $230 million of cryptocurrency stolen from a single victim.

The men were allegedly less than careful hiding their behaviour - spending $500,000 a night in nightclubs, buying hundreds of bottles of champagne, gifting designer handbags (and even a pink Lamborgini) to random women they bumped into on a night out...

Read more in my article on the Bitdefender blog:

https://www.bitdefender.com/blog/hotforsecurity/two-men-arrested-one-month-after-230-million-of-cryptocurrency-stolen-from-a-single-victim/

#cybersecurity #cryptocurrency