Security News

OpenTable is adding your first name to previously anonymous reviews
2024-04-11 22:15

Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names. "At OpenTable, we strive to build a community in which diners can help other diners discover new restaurants, and reviews are a big part of that," reads the OpenTable email seen by BleepingComputer.

History of RSA Conference. Bruce Schneier. The First ‘Exhibitor’ in 1994.
2024-04-11 05:52

Bruce Schneier was at the first ever RSA Conference in 1991, and he was the first 'exhibitor' in 1994 when he asked Jim Bidzos, Creator of the RSA Conference, if he could sell copies of his book "Applied Cryptography." Bidzos set Schneier up in the hotel lobby where the conference was being held-and the rest is history. Listen to some great RSA Conference memories on this episode of the History of RSA Conference.

Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel
2024-04-10 09:26

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the...

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data
2024-02-28 12:02

In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while...

EU adopts first cybersecurity certification scheme for safer tech
2024-02-02 04:30

The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria. ENISA is grateful for the guidance and support from Member States via the European Cybersecurity Certification Group and for the contributions of the Stakeholder Cybersecurity Certification Group.

Tesla hacks make big bank at Pwn2Own's first automotive-focused event
2024-01-29 01:29

Five $60,000 bounties - the second-highest monetary awards behind Synacktiv's $100k Tesla hacks - were awarded for attacks on EV chargers manufactured by Emporia, ChargePoint, Ubiquiti, Phoenix and JuiceBox. Three attacks against Automotive Grade Linux were also attempted, with only one succeeding.

Microsoft releases first Windows Server 2025 preview build
2024-01-26 20:01

Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which comes with both the Desktop Experience and Server Core installation options for Datacenter and Standard editions, Annual Channel for Container Host and Azure Edition.

Apple fixes first zero-day bug exploited in attacks this year
2024-01-22 19:20

Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. The zero-day fixed today is tracked as CVE-2024-23222 and is a WebKit confusion issue that attackers could exploit to gain code execution on targeted devices. "Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited," Apple said today.

Google fixes first actively exploited Chrome zero-day of 2024
2024-01-16 19:13

Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of the year. The company fixed the zero-day for users in the Stable Desktop channel, with patched versions rolling out worldwide to Windows, Mac, and Linux users less than a week after being reported to Google.

FTC secures first databroker settlement banning sale of sensitive location data
2024-01-15 15:34

Infosec in brief The US Federal Trade Commission has secured its first data broker settlement agreement, prohibiting X-Mode Social from sharing or selling sensitive location data. In its complaint, the FTC accused X-Mode, which sold its assets to successor firm Outlogic in 2021, of selling raw non-anonymized location data collected through its own apps and an SDK for embedding in third-party applications.