Security News

Raj Samani, SVP, Chief Scientist, Rapid7, discusses the tactics observed from a recent case of espionage, and what can be learned from such observations. This video was recorded at IRISSCON 2022, an annual conference organized by IRISSCERT. The all-day event focuses on providing attendees with an overview of the current cyber threats facing businesses in Ireland and what they can do to help deal with those threats.

Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its "Deceptive" location tracking practices. The search and advertising giant is required to pay $9.5 million to D.C. and $20 million to Indiana after the states sued the company for charges that the company tracked users' locations without their express consent.

LastPass says attackers got users' info and password vault dataThe information couldn't come at a worst time, as businesses are winding down their activities and employees and users are thick in the midst of last-minute preparations for end-of-year holidays. New Microsoft Exchange exploit chain lets ransomware attackers inRansomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities to achieve remote code execution on Microsoft Exchange servers.

Advertisers have responded by pioneering a new method for tracking users across the Web, known as user ID smuggling, which does not require third-party cookies. Researchers at UC San Diego have for the first time sought to quantify the frequency of UID smuggling in the wild, by developing a measurement tool called CrumbCruncher.

Apple tracked users without their consent and deserves to be fined €6 million, according to a top advisor to France's data privacy watchdog. The Commission nationale de l'informatique et des libertés launched an investigation into Apple after a complaint filed by France Digitale, a lobby group supporting startups, accused the company of violating EU privacy laws last year.

Israeli fortifications in the West Bank are becoming a bit more faceless, as the military has reportedly deployed robotic turrets capable of firing stun grenades, less-than-lethal bullets, and tear gas at Palestinians protesting their presence. The remote-controlled auto guns were recently spotted at the Al-Aroub refugee camp in the southern West Bank, and in the city of Hebron, where locals speaking to the Associated Press told tales of weapons that fire without warning and frequently coat hillsides in tear gas.

Advanced persistent threats are a type of attack that's usually carried out or sponsored by a nation-state, and unlike other types of malware attacks, these pose their own challenges. Typically, an APT threat actor will perform some kind of reconnaissance on their target, and then target their victim by sending, for example, a spear-phishing email.

Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when Google continued to collect their location information," Oregon Attorney General Ellen Rosenblum said Monday.

Google has agreed to pay $391.5 million to settle a privacy lawsuit filed by a coalition of attorneys general from 40 U.S. states. The settlement shows that the U.S. attorneys general discovered while investigating a 2018 Associated Press article that the search giant misled Android users and tracked their locations since at least 2014 even when they thought location tracking was disabled.

Royal Mail, UK's leading mail delivery service, has been experiencing ongoing outages with its online tracking services down for more than 24 hours at the time of writing. With Royal Mail's Track & Trace website offline, British residents are unable to track their parcels, letters and mail deliveries.