The House of Lords in the UK is urging the government to enact legislation regarding the use of facial recognition technology
The House of Lords in the UK is urging the government to enact legislation regarding the use of facial recognition technology by law enforcement agencies. Baroness Hamwee, chair of the House of Lords Justice and Home Affairs Committee, expressed grave ...
Read more
Insights, Techniques, and Enhancements for Tripwire’s State Analyzer
During the recent Tripwire Energy and NERC Compliance Working Group, a session was conducted to showcase some useful insights and methods for optimizing the latest version of Tripwire State Analyzer (TSA) to better suit your organization’s needs. The most recent ...
Read more
Enhancing Cloud Security: A Framework for Continuous Improvement
Cloud security optimization involves the meticulous selection and allocation of appropriate resources to workloads or applications, aiming to minimize costs while enhancing performance and efficiency. These resources encompass computational power, memory, storage, and network capabilities. The process of cloud optimization ...
Read more
Gaining Board Approval: Articulating Cybersecurity’s Return on Investment
Despite the escalating frequency of data breaches, ransomware incidents, and assorted cyber perils, persuading Boards of Directors to invest in robust cybersecurity measures remains a challenge for many businesses. This hurdle primarily stems from the necessity to demonstrate tangible Return ...
Read more
Will Cybercrime’s Ascendancy Persist?
At the turn of the millennium, cybercrime was scarcely a concern. The Good Friday Agreement was fresh, the US had just expelled a Russian diplomat for espionage, and fears of the Y2K bug loomed. It wasn’t until five months later ...
Read more
Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a significant Adobe ColdFusion vulnerability by unidentified threat actors aiming to gain initial access to government servers. CISA stated, “The ColdFusion vulnerability (CVE-2023-26360) ...
Read more
New Bluetooth Vulnerability Enables Hackers to Compromise Android, Linux, macOS, and iOS Devices
An urgent Bluetooth security flaw has surfaced, posing a significant threat to Android, Linux, macOS, and iOS devices. Identified as CVE-2023-45866, the flaw centers around an authentication bypass issue, allowing attackers to establish connections with vulnerable devices and inject keystrokes ...
Read more
Caution: New Insights Unveiled Regarding Zero-Click Outlook RCE Exploits
Recently disclosed technical details shed light on two security vulnerabilities in Microsoft Windows that have since been patched, but could still be combined by malicious actors to achieve remote code execution on the Outlook email service without any user interaction. ...
Read more
Researchers Unveil Discovery of Outlook Vulnerability Exposing NTLM Passwords
A recently addressed security loophole in Microsoft Outlook has been identified as a potential avenue for threat actors to obtain NT LAN Manager (NTLM) v2 hashed passwords when accessing a specially designed file. This security concern, denoted as CVE-2023-35636 (CVSS ...
Read more
Malicious Software Exploits Google MultiLogin Vulnerability to Retain Access Despite Password Resets
Information-stealing malware is actively leveraging an undocumented Google OAuth endpoint called MultiLogin to hijack user sessions, allowing continuous access to Google services even after a password reset. CloudSEK reports that this critical exploit facilitates session persistence and cookie generation, empowering ...
Read more