Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. […]
Category Archives: Security
Auto Added by WPeMatico
The United Kingdom’s Information Commissioner’s Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. […]
A new version of the Android spyware ‘Mandrake’ has been found in five applications downloaded 32,000 times from Google Play, the platform’s official app store. […]
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named “Specula,” released today by cybersecurity firm TrustedSec. […]
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people. […]
A massive phishing campaign dubbed “EchoSpoofing” exploited a security gap in Proofpoint’s email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies. […]
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Monero cryptocurrency. […]
X has quietly begun training its Grok AI chat platform using members’ public posts without first alerting anyone that it is doing it by default. Here’s how to block Grok from using your data. […]
A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. […]
26
Jul
Jul
Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard from a reader who said they received a […]