Identity crimes: Too many victims, limited resources
The Identity Theft Resource Center (ITRC) has documented incidents of identity theft reported during 2022 and the first quarter of 2023, highlighting the use of strategies by …
KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)
A vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the …
TP-Link routers implanted with malicious firmware in state-sponsored attacks
A Chinese state-sponsored APT group implanted malicious firmware into TP-Link routers as part of attack campaigns aimed at European foreign affairs entities, say Check Point …
Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store
Sophos researchers uncovered multiple apps masquerading as legitimate, ChatGPT-based chatbots to overcharge users. These apps have popped up in the Google Play and Apple App …
Inactive Google accounts will be deleted
A week after Twitter announced it will be removing idle accounts after 30 days of inaction, Google has updated its account inactivity policy. Updates to the Google account …
Infamous cybercrime marketplace offers pre-order service for stolen credentials
Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and …
The CIS Benchmarks Community consensus process
The Center for Internet Security (CIS) recently celebrated 20 years of bringing confidence to the connected world with consensus-based security guidance. The first CIS …
Fraudsters send fake invoice, follow up with fake exec confirmation
Fraudsters are trying out a new approach to convince companies to pay bogus invoices: instead of hijacking existing email threads, they are creating convincing ones …
Attack automation becomes a prevalent threat against APIs
The second half of 2022 marked a significant turning point in the security landscape. In several high-profile incidents, application programming interfaces (APIs) emerged as a …
Lacroix manufacturing facilities shut down following cyberattack
French electronics manufacturer Lacroix closed three factories as a result of a cyberattack they “intercepted” over the weekend, the company has announced on …
WhatsApp allows users to lock sensitive chats
Meta has unveiled Chat Lock within WhatsApp, a feature that allows users to keep sensitive and intimate conversations safe from prying eyes. WhatsApp Chat Lock (Source: …
Google Cloud CISO on why the Google Cybersecurity Certificate matters
As part of Google’s commitment to building a strong cybersecurity workforce, the Google Cybersecurity Certificate offers an affordable and accessible pathway to a career …
Featured news
Sponsored
Don't miss
- Hottest cybersecurity open-source tools of the month: November 2024
- Researchers reveal exploitable flaws in corporate VPN clients
- Black Friday shoppers targeted with thousands of fraudulent online stores
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
- How to recognize employment fraud before it becomes a security issue