Security News

Tesla hacks make big bank at Pwn2Own's first automotive-focused event
2024-01-29 01:29

Five $60,000 bounties - the second-highest monetary awards behind Synacktiv's $100k Tesla hacks - were awarded for attacks on EV chargers manufactured by Emporia, ChargePoint, Ubiquiti, Phoenix and JuiceBox. Three attacks against Automotive Grade Linux were also attempted, with only one succeeding.

Microsoft releases first Windows Server 2025 preview build
2024-01-26 20:01

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.

Apple fixes first zero-day bug exploited in attacks this year
2024-01-22 19:20

Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. The zero-day fixed today is tracked as CVE-2024-23222 and is a WebKit confusion issue that attackers could exploit to gain code execution on targeted devices. "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited," Apple said today.

Google fixes first actively exploited Chrome zero-day of 2024
2024-01-16 19:13

Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide to Windows, Mac, and Linux users less than a week after being reported to Google.

FTC secures first databroker settlement banning sale of sensitive location data
2024-01-15 15:34

Infosec in brief The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social from sharing or selling sensitive location data. In its complaint, the FTC accused X-Mode, which sold its assets to successor firm Outlogic in 2021, of selling raw non-anonymized location data collected through its own apps and an SDK for embedding in third-party applications.

Tech upgrades for first responders are a necessity, not a luxury
2023-12-29 04:30

Public safety professionals want technology upgrades and adoption of federal standards for first responder IT security, reporting and efficiency, according to Mark43. "We heard a resounding response from first responders across the country: They are concerned about their public safety agency's ability to withstand cyberattacks and natural disasters, given the ever-increasing number and severity of bad actors attacking public infrastructure as well as the uptick in extreme weather incidents," said Matthew Polega, President, Mark43.

First American takes IT systems offline after cyberattack
2023-12-21 19:06

First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. "First American has experienced a cybersecurity incident," the company said in a statement published on a website dedicated to the cyberattack.

Title insurance giant First American offline after cyberattack
2023-12-21 19:06

First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. "First American has experienced a cybersecurity incident," the company said in a statement published on a website dedicated to the cyberattack.

Playbook: Your First 100 Days as a vCISO - 5 Steps to Success
2023-12-11 11:45

In an increasingly digital world, no organization is spared from cyber threats. Yet, not every organization has the luxury of hiring a full-time, in-house CISO. This gap in cybersecurity...

Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'
2023-12-07 11:44

Humans are complex beings with consciousness, emotions, and the capacity to act based on thoughts. In the ever-evolving realm of cybersecurity, humans consistently remain primary targets for...