Security News > 2022 > November

Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. "Instructions to get the 'unfilter' software deploy WASP stealer malware hiding inside malicious Python packages," Checkmarx researcher Guy Nachshon said in a Monday analysis.

Threat actors are capitalizing on a popular TikTok challenge to trick users into downloading information-stealing malware, according to new research from Checkmarx. The trend, called Invisible Challenge, involves applying a filter called Invisible Body that just leaves behind a silhouette of the person's body.

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple security steps in place. According to a Cyber Security Breaches Survey, businesses that hold electronic personal data of their customers are more likely than average to have had breaches.

A pre-authentication RCE flaw in Oracle Access Manager that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities Catalog.The vulnerability is in the OpenSSO Agent component of the Oracle Access Manager product, which is widely used by corporations for single sign-on as part of the Oracle Fusion Middleware suite.

Below, you'll find four key resources you can use to take your email security to the next level. Electronic communication policy While communication tools such as email are convenient, they can also be dangerous.

According to NordPass' latest list of top 200 most common passwords in 2022, "Password" is the most popular choice, followed by "123456", "123456789", "Guest" and "Qwerty". 2022 is ending and 2023 is almost upon us, but despite yearly entreates to users to up their password game, weak and oftenused passwords are obviously still a problem.

The Russian criminal crew Sandworm is launching another attack against organizations in Ukraine, using a ransomware that analysts at Slovakian software company ESET are calling RansomBoggs. "There are similarities with previous attacks conducted by #Sandworm: a PowerShell script used to distribute the.NET ransomware from the domain controller is almost identical to the one seen last April during the #Industroyer2 attacks against the energy sector" that were attributed to Sandworm.

Ireland's Data Protection Commission has levied fines of €265 million against Meta Platforms for failing to safeguard the personal data of more than half a billion users of its Facebook service, ramping up privacy enforcement against U.S. tech firms. The fines follow an inquiry initiated by the European regulator on April 14, 2021, close on the heels of a leak of a "Collated dataset of Facebook personal data that had been made available on the internet."

Ireland's Data Protection Commission has levied fines of €265 million against Meta Platforms for failing to safeguard the personal data of more than half a billion users of its Facebook service, ramping up privacy enforcement against U.S. tech firms. The fines follow an inquiry initiated by the European regulator on April 14, 2021, close on the heels of a leak of a "Collated dataset of Facebook personal data that had been made available on the internet."