Security News

Both Google’s Pixel’s Markup Tool and the Windows Snipping Tool have vulnerabilities that allow people to partially recover content that was edited out of images.

Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. "If you take a screenshot of your bank statement, save it to your desktop, and crop out your account number before saving it to the same location, the cropped image could still contain your account number in a hidden format that could be recovered by someone who has access to the complete image file," Microsoft explains.

Tom Gillis, senior vice president for Cisco Security, said enterprises are in the midst of a strategic shift away from security through collections of individual software security tools and cloud solutions for securing assets. "For decades, new problems in security have arisen and small companies come up with innovative solutions to address these. But buying individual best-in-breed solutions from new vendors puts the burden on the customer to ingest all of these solutions and integrate them," Gillis said.

Security experts are increasingly resorting to unauthorized AI tools, possibly because they are unhappy with the level of automation implemented in their organization's security operation centers, according to a study conducted by Wakefield Research. Security pros are using AI tools without authorization.

Over 60% of organizations have been operating in a cloud environment for three or more years, but technical complexities and maintaining comprehensive security still hamper their cloud migration efforts, according to the 2023 State of Cloud-Native Security Report. In the report, the ideal cloud security solution is scalable and able to handle immediate security needs and additional use cases as the company expands cloud applications and uses.

ESET researchers have analyzed MQsTTang, a custom backdoor that they attribute to the China-aligned Mustang Panda APT group. Due to the nature of the decoy filenames used, researchers believe that political and governmental organizations in Europe and Asia are also being targeted.

Microsoft has added two new utilities to the open-source PowerToys toolset to help Windows users paste text without formatting and make moving the mouse across multiple screens or on ultra-wide monitors easier. As its name implies, the new "Paste as Plain Text" tool can quickly paste the most recent clipboard content as unformatted text into any app.

In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security testing tools, explore the...

Such tools are essential for evaluating the performance of deep reinforcement learning algorithms. The method is emerging as a powerful decision-support tool for cybersecurity experts - a defense agent with the ability to learn, adapt to quickly changing circumstances, and make decisions autonomously.

Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware.In the last year, HIVE ransomware has been identified as a major threat as it has been used to compromise and encrypt the data and computer systems of large IT and oil multinationals in the EU and the USA. Since June 2021, over 1 500 companies from over 80 countries worldwide have fallen victim to HIVE associates and lost almost EUR 100 million in ransom payments.