Security News > 2023 > June
Zoom has introduced a new range of privacy enhancements and tools to make sure users have control over their data and their privacy preferences. One of the notable general privacy enhancements is the implementation of a data subject access requests tool.
The landscape of OT security tools is far less developed than its information technology counterpart. With OT systems opening to the world and cyberthreats surging, the lack of OT-specific security tools has emerged as an urgent problem.
Google has released a security update for Chrome web browser to address the third zero-day vulnerability that hackers exploited this year. Withholding technical information is the usual stance from Google when a new security issue is found.
In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. He had been working on the Edward Snowden archive for a couple of months, and had a pile of more technical documents that he wanted help interpreting.
The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been stolen. Caitlin Condon, Senior Manager of Security Research at Rapid7, told Help Net Security that the company has responded to MOVEit Transfer alerts across a wide range of organizations, from small businesses to enterprises with tens of thousands of assets.
Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild.Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine.
You might imagine from the considerable number of email security tools on the market that the problem is being kept relatively in check, but you'd be wrong. Too many existing email security tools are based around analysis of historical attack data, so can only spot what they've seen before.
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. Cyclops ransomware is notable for targeting all major desktop operating systems, including Windows, macOS, and Linux.
The intersection of LLMs with corporate security and privacy warrants a deeper dive. Techniques like differential privacy can ensure that LLMs learn from data without exposing individual information.
A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened URL to conceal the actual phishing link.