Security News > 2023 > October

In the wake of Google's announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. "These Domain Name Service email authentication records verify that you are the legitimate sender of your email and prevent spoofing and phishing attacks," Microsoft noted.

Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome's V8 JavaScript engine and Google Cloud's Kernel-based Virtual Machine. The exploit writers should make their exploitation attempts against a V8 version running on Google infrastructure.

With the help of the wallet, the user can limit the disclosure of his data to those attributes that are necessary for the provision of the service, e.g., a user's legal age or a successfully completed university degree. This selective disclosure enables an individual to share parts of a larger data set.

As connected cars become a standard feature in the market, the significance of automotive cybersecurity rises, playing an essential role in ensuring the safety of road users. In this Help Net Security video, Samantha Beaumont, Principal Security Consultant at IOActive, sheds light on the challenges and possible solutions to the cybersecurity threats that modern vehicles encounter.

As the landscape of online security continues to evolve, there is a noticeable shift in people's perceptions of cybersecurity, with an increasing awareness of its vital role in staying safe online, according to a survey conducted by the National Cybersecurity Alliance and CybSafe. "Additionally, the perception of high costs associated with online protection from our findings highlights the importance of showcasing and delivering affordable cybersecurity solutions accessible for everyone," Alashe added.

While the threat landscape is evolving for most on the front lines, little has changed in recent years, according to ISACA. The research finds that of the cybersecurity professionals who said they were experiencing an increase or decrease in cybersecurity attacks as compared to a year ago, 52% say they are experiencing more cyberattacks. 62% of respondents report that their cybersecurity team is understaffed.

A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of...

Cyber insurance is a type of insurance policy that provides financial protection and support to individuals and organizations in the event of cyber incidents, including data breaches, hacking, ransomware attacks, and other cyber threats. It typically covers expenses such as data recovery, legal fees, notification costs, public relations efforts, and regulatory fines, helping policyholders manage the financial impact and recovery process following a cyberattack or data breach.

Infosec in brief Bot defense software vendor Human Security last week detailed an attack that "Sold off-brand mobile and Connected TV devices on popular online retailers and resale sites preloaded with a known malware called Triada." Human named the campaign to infect and distribute the Android devices BADBOX. The infected devices were sold for under $50. Human's researchers found over 200 models with pre-installed malware, and when it went shopping for seven particular devices found that 80 percent of units were infected with BADBOX. Analysis of infected devices yielded intel on an ad fraud module Human's researchers named PEACHPIT. At its peak, PEACHPIT ran on a botnet spanning 121,000 devices a day on Android.

In a bid to upgrade user experience, the Chrome team is developing an "Organise Tabs" feature, soon to be seen at the top left corner of the browser, adjacent to the tab search function. This new feature may potentially introduce an automatic tab group creation once tabs are systematically categorised.