Security News

Cop shop rapped for 'completely avoidable' web form blunder
2024-03-15 11:34

The London Mayor's Office for Policing and Crime is being rapped by regulators for untidy tech practices that made public the personal data of hundreds of people who filed complaints against the Metropolitan Police Service. Between November 11-14 2022, an unnamed employee of the GLA had meant to permit four colleagues access to data shared via the web forms but instead made both forms open to anyone on the internet.

Guide: On-Prem is Dead. Have You Adjusted Your Web DLP Plan?
2024-03-11 11:33

As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete....

Web-based PLC malware: A new potential threat to critical infrastructure
2024-03-07 11:45

"Our Web-Based PLC malware resides in PLC memory, but ultimately gets executed client-side by various browser-equipped devices throughout the ICS environment. From there, the malware uses ambient browser-based credentials to interact with the PLC's legitimate web APIs to attack the underlying real-world machinery," the researchers explained. "While previous attacks on PLCs infect either the control logic or firmware portions of PLC computation, our proposed malware exclusively infects the web application hosted by the emerging embedded webservers within the PLCs," the researchers noted.

A New Way To Manage Your Web Exposure: The Reflectiz Product Explained
2024-03-06 11:30

An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks. ...

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets
2024-03-05 10:38

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show....

Web Check: Open-source intelligence for any website
2024-02-26 06:00

Web Check offers thorough open-source intelligence and enables users to understand a website's infrastructure and security posture, equipping them with the knowledge to understand, optimize, and secure their online presence. Web Check provides insight into the inner workings of any specified website, enabling users to identify possible security vulnerabilities, scrutinize the underlying server architecture, inspect security settings, and discover the various technologies employed by the site.

Cutting kids off from the dark web – the solution can only ever be social
2024-02-16 12:01

The murder of 16-year-old schoolgirl Brianna Ghey has kickstarted a debate around limiting children's access to the dark web in the UK, with experts highlighting the difficulty in achieving this. Ciaran Martin, the National Cyber Security Centre's first CEO and current Oxford University professor, weighed into the discussion on Thursday, saying that there is no single technology-based solution and that there should be a greater focus on the dark web in the country's schools.

Save $500 on This Unique Web-Based Cybersecurity Training Program for a Limited Time
2024-02-06 10:00

TL;DR: Learn how to stop cyber criminals with the Cyber Security Specialist Workshop, featuring 16 live training sessions, now just $499.99 for a limited time. Want a career that offers longevity as well as a great salary to boot? Then start preparing now for the opportunities that come with the Cyber Security Specialist Workshop, offered at half price for a limited time.

Free ransomware recovery tool White Phoenix now has a web version
2024-01-31 08:06

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. Intermittent encryption occurs when ransomware chooses not to encrypt every part of each file but instead encrypts sections, frequently in blocks of a set size or just the start of the targeted files.

Hundreds of network operators’ credentials found circulating in Dark Web
2024-01-30 08:41

After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to reconsider the digital identity protection for staff engaged in network engineering and IT infrastructure management. Cybersecurity experts outlined the risks originating from Dark Web actors leveraging compromised credentials belonging to ISP/Telcom engineers, Data-Center Technicians, Network Engineers, IT Infrastructure Managers and Outsourcing companies.