Security News

The findings highlight the lack of data management oversight across industries, especially for financial services organizations that often handle exorbitant amounts of personally identifiable information. This "Stale data" poses serious consumer data security issues for individuals and businesses, opening the door to identity theft and data security breaches-especially during tax season when so much personal data is being shared across digital platforms.

Many security vulnerabilities result from human error, and the majority of these are reflected in the application layer. These errors may occur at any stage in the software development life cycle, from code to cloud.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user. The product is a step up from Chrome Enterprise, now demoted to Chrome Enterprise Core, and provides threat and data protection, increased control options, and reporting capabilities.

Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security. Google Workspace is a comprehensive suite of cloud-based productivity and collaboration tools, integrating services such as Gmail, Google Drive, Google Docs, Sheets, Slides, Google Meet, and Google Calendar, offering a unified solution for businesses, educational institutions, and individuals.

Researchers have demonstrated the "First native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors. Spectre V2 is a new variant of the original Spectre attack discovered by a team of researchers at the VUSec group from VU Amsterdam.

A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot. Accessing the shortcut file triggered PowerShell to run a remote script.

From small companies to large corporations, public sectors, government and defense sectors, cybersecurity is the only barrier to protecting valuable digital resources and assets. With an ever-evolving regulatory landscape, cybersecurity has also become essential for organizations to meet compliance and avoid legal risks, fines and reputational damages.

Varonis Threat Labs researchers have uncovered two techniques attackers can use can use for covert data and file exfiltration from companies' SharePoint server. "These techniques can bypass the detection and enforcement policies of traditional tools, such as cloud access security brokers, data loss prevention, and SIEMs, by hiding downloads as less suspicious access and sync events," they noted.

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites...