Security News
In an email interview with TechRepublic, Jake Williams, faculty member at IANS Research and former NSA offensive hacker, said, "The publication highlights the challenges with comparing the features provided by vendors. CISA seems to be putting vendors on notice that they want vendors to be clear about what standards they do and don't support in their products, especially when a vendor only supports portions of a given standard." According to CISA and the NSA, the definitions and policies of the different variations of MFAs are unclear and confusing.
Microsoft says the recent wave of blue screens impacting some Windows users is not caused by issues in its August 2023 optional updates. Microsoft first acknowledged this known issue on Wednesday, saying that affected platforms include Windows 11 22H2 and Windows 10 21H2/22H2.
The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. Google's Threat Analysis Group linked the Cytrox in May 2022 with multiple zero-day vulnerabilities used to deploy Predator spyware on Android devices.
The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "Threatening the privacy and security of individuals and organizations worldwide." Cytrox is the maker of a mobile mercenary spyware called Predator that's analogous to NSO Group's Pegasus.
Cybercriminals are increasingly posing as multi-factor authentication vendors and small businesses are becoming more popular targets, according to VIPRE. Attachment-based malspam is on the rise. The report also concluded that attachment-based malspam is on the rise, by a significant 22% when compared to malspam with links.
Here's a look at the current top facial recognition software vendors, as well as use cases for the technology. Facial recognition software vendors Amazon Rekognition: Best overall facial recognition software.
An international law enforcement operation has resulted in the arrest of 288 vendors who are believed to be involved in drug trafficking on the dark web, adding to a long list of criminal enterprises that have been shuttered in recent years. "This represents the most funds seized and the highest number of arrests in any coordinated international action," U.S. Attorney General Merrick B. Garland said.
An international law enforcement operation codenamed 'SpecTor' has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8 million in cash and cryptocurrency. "The vendors arrested as a result of the police action against Monopoly Market were also active on other illicit marketplaces, further impeding the trade of drugs and illicit goods on the dark web."
In Brief We thought it was probably the case when the news came out, but now it's been confirmed: The X Trader supply chain attack behind the 3CX compromise last month wasn't confined to the telco developer. For those unfamiliar with the incident, 3CX reported a supply chain attack that saw its 3CX DesktopApp compromised with a trojanized version of the X Trader futures trading app published by Trading Technologies.
The group's trophies included nearly 200GB of source code from Samsung, the source code for Nvidia's DLSS technology, and 250 internal projects from Microsoft. There may be vulnerabilities in the way software applications handle functions and data that could be present in the source code.