Browsing tag
The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibits them from using default passwords, effective April 29, 2024. “The law, known as the Product Security and Telecommunications Infrastructure act (or PSTI act), will help consumers to choose smart devices that have been designed […]
Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from the app storefront in 2023 for […]
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started masquerading more of its malicious activity by encrypting its C2 communication, using multiple encrypted payloads […]
Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the “OWASP Top 10 For Large Language Models,” reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee. “This allowed the threat actor to successfully authenticate to an internal virtual private network (VPN) access point,” the agency said in a joint advisory published Thursday […]
Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data. “The threat actor accessed and exfiltrated data beginning in May 2023 from a small percentage of HPE mailboxes belonging to individuals in our cybersecurity, go-to-market, business segments, and other functions,” […]
Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to the breach of the Medibank network as well as the theft and […]
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn’t anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away.Download the full […]
Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the questions of how SaaS is connected to third-party risk management (TPRM) and what companies should do to ensure a proper SaaS-TPRM process is in place. In this article we will share 5 tips to manage […]
A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP […]
Download the free guide, “It’s a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks.” ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into […]
The new ‘Data Protection Bill’ formulated by Narendra Modi’s led BJP government seeks to snatch away privacy, anonymity, and discretion from Indian citizens and companies operating in India. Mozilla, an active advocate of privacy protection, strongly criticized the new reforms made in the Data Protection Law, introduced in the Indian Parliament, earlier today. The reforms […]
Hello Ladies, let’s talk about periods, privacy, and Facebook. Are you using an app on your smartphone to keep tracks on your periods? Well, it’s worrying, because it might be sharing your extremely sensitive information like menstrual cycle and sexual activities with Facebook. A new investigative report from UK-based advocacy group Privacy International revealed how […]
The intrusive activities of companies like Facebook are getting further and further. A group of information security experts has revealed that some menstrual period tracking mobile apps have shared multiple confidential details with the social media giant, including use of birth control methods, dates periods and some symptoms of users. There are multiple menstrual monitoring […]
On Thursday, a German security journalist Ronald Eikenberg reported a flaw in Kaspersky antivirus software that could have leaked data of millions of Kaspersky users. According to his report, Kaspersky injected a unique identifier into the HTML of every website a user visited. Therefore, making it ridiculously easy for perpetrators to keep track of their […]
Slowly and steadily, many silicon valley tech giants have come forward about their use of human contractors to listen to audio recordings of users. And Microsoft is the latest one to public the truth. Following numerous reports on the subject, Microsoft has admitted that some humans do listen to Skype and Cortana audio recordings. But […]
$5 billion, that is a huge sum of money for anyone who reads this hackercombat.com article. An amount of money that is so huge, you can buy a dozen car every day for many decades to come, but will never break your bank if you are Facebook. Yes, $5 billion in fine is what Facebook […]
It’s hard to argue with German authorities when their people’s privacy is concerned. On many occasions, Germany has valued its people’s rights on the Internet over striking deals with multinational data-sucking corporations. The German privacy watchdog has now banned Microsoft Office 365 in the state of Hesse over privacy concerns. In its statement, HBDI (Hesse […]
When you use Google Assistant to get answers to your queries and perform daily tasks, not only the device is listening to your commands but Google contractors could also listen to your conversation with the Assistant. A report by Belgian broadcaster VRT News has revealed that recordings of Google Assistant on Home-branded speakers and smartphones […]
Facebook invited lots of criticism earlier this year for having paid users in the 13 to 35 age group for permission to install a “Facebook Research” VPN on their phones. The users were paid up to $20 a month. Upon being widely criticized for accessing data of such users, Facebook had to defend its stand. […]
Did you patronize one of the Rally’s food joints and Checkers Drive-In restaurants since December 2015? Then this news is for you: The two drive-through food chains with 100+ branches in the United States had 15% of their cash registers infected by POS malware since late 2015. Customer information was harvested by the malware, with […]