Security News
The U.S. Cybersecurity and Infrastructure Security Agency on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that allows users to share and edit geospatial data.
A smartphone's unique Bluetooth fingerprint could be used to track the device's user-until now. A team of researchers has developed a simple firmware update that can completely hide the Bluetooth fingerprint, eliminating the vulnerability.
This article provides an overview of the major data breaches we covered in 2024 so far, highlighting incidents involving Trello, AnyDesk, France Travail, Nissan, MITRE, Dropbox, BBC Pension Scheme, TeamViewer, Advance Auto Parts, and AT&T. Find out what led to the breaches and how they affected the breached organizations. French national unemployment agency France Travail and Cap emploi, a government employment service for people with disabilities, have suffered a data breach that might have exposed personal data of 43 million people.
The FBI on Monday revealed it has gained access to a phone it says was used by Thomas Matthew Crooks - the man who shot at and wounded former US president Donald Trump on July 13 in an apparent failed assassination attempt. The bureau hasn't explained how it got into the cellphone, though it is known to have previously acquired capabilities that allow it to access locked devices - and even view encrypted content - despite the use of passwords and/or biometric authentication.
While previous Olympic games have faced cybersecurity threats, the Games of the XXXIII Olympiad, also known as Paris 2024, will see the largest number of threats, the most complex threat landscape, the largest ecosystem of threat actors, and the highest degree of ease for threat actors to execute attacks, according to IDC. To defend against these attacks and avoid significant disruptions, IDC estimates that revenue from cybersecurity services in France will increase by $94 million in 2024 as a result of the Olympic Games, adding just over two percentage points to total cybersecurity services spending. Paris 2024 will be the most connected games ever, including but not limited to back-of-house systems, financial systems, critical national infrastructure, city infrastructure, sport technology, broadcast technology, and merchandising and ticketing.
The DarkGate malware family has become more prevalent in recent months, after one of its main competitors was taken down by the FBI. The malware was discovered by endpoint security outfit enSilo's security maven Adi Zeligson in 2018 - but it has evolved over the years. Blackford's threat-hunting team recently detected a gang it tracks as TA571 using DarkGate to gain access to more than 1,000 organizations.
Kaspersky has confirmed it will shutter its American operations and cut US-based jobs following President Biden's ban on the Russian business last month. "Starting from July 20 Kaspersky will gradually wind down its US operations and eliminate US-based positions," the rep told us.
Russian cybersecurity company and antivirus software provider Kaspersky Lab will start shutting down operations in the United States on July 20. [...]
The Iranian-backed MuddyWatter hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems. "We discovered several versions of the malware being distributed, with differences between each version showing improvements and bug fixes," Check Point said.
Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors' names, publication year, journal or conference name, and page numbers of the cited publication. References in a scientific publication allow authors to justify methodological choices or present the results of past studies, highlighting the iterative and collaborative nature of science.