Bogus OfficeNote app delivers XLoader macOS malware

A new macOS-specific variant of the well-known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has bee…

Delivering privacy in a world of pervasive digital surveillance: Tor Project’s Executive Director speaks out

The overarching mission of the US-based non-profit organization the Tor Project is to advance human rights and make open-source, privacy preserving software available to people globally, so that they can browse the internet privately, protect themselve…

Samsung, Vivo, Google phones open to remote compromise without user interaction

Several vulnerabilities in Samsung’s Exynos chipsets may allow attackers to remotely compromise specific Samsung Galaxy, Vivo and Google Pixel mobile phones with no user interaction. “With limited additional research and development, we believe t…

What a perfect day in data privacy looks like

Everyone wants extraordinary online experiences without sacrificing the security of their personal information. Yet according to Ping Identity’s 2022 Consumer Survey, 77% of people feel they will never be in full control of their privacy online and sti…

Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)

Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there’s a public PoC chaining them, CERT/CC has warned. The good news is that t…

LastPass says attackers got users’ info and password vault data

The August 2022 LastPass breach has resulted in potentially catastrophic consequences for the company and some of its users: attackers have made off with unencrypted customer data and copies of backups of customer vault data. The information couldn…

All of Medibank’s stolen data leaked, Australia increases maximum penalties for data breaches

Australian health insurance provider Medibank has confirmed that another batch of the customer data stolen in the recent breach has been leaked. “We are conducting further analysis on the files today and at this stage believe there are 6 zipped f…

Consumers want convenience without sacrificing security

Consumers worldwide want frictionless online experiences without sacrificing the security of personal information, according to a recent survey from Ping Identity. With 63% feeling better about services that use multi-factor authentication (MFA) at log…

Cybersecurity engineering under the Federal Trade Commission

When the Federal Trade Commission (FTC) releases new regulations or changes to existing ones, the implications may not be obvious to the average business or company employees. The FTC and privacy The FTC is a federal agency that protects consumers from…

The top 200 most common passwords in 2022 are bad, mkay?

According to NordPass’ latest list of top 200 most common passwords in 2022, “password” is the most popular choice, followed by “123456”, “123456789”, “guest” and “qwerty”. 2022 is endin…