Incident Response
Facebook’s New Privacy Nightmare: ‘Link History’
Richi Jennings | | adtech, Advertising and AdTech, breach of privacy, browser, browser abuse, customer privacy, Data Privacy, DeleteFacebook, facebook, Facebook data, key loggers, key logging, Keylog, keylogger, keyloggers, keylogging, Link History, Meta, Meta Networks, Meta Pixel, Privacy, SB Blogwatch
How stupid does he think we are? You’ll want to turn off this new app setting ...
Security Boulevard
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard
Best of 2023: Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)
Richi Jennings | | cloud storage, My Cloud, Ransomware, SB Blogwatch, storage, WD, Western Digital, Western Digital My Cloud
Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files ...
Security Boulevard
NSA iPhone Backdoor? Apple Avoids Russian Blame Game
Richi Jennings | | Apple, back door, backdoor, CVE-2023-32434, CVE-2023-32435, CVE-2023-32439, CVE-2023-38606, CVE-2023-41990, FSB, imessage, ios, iPhone, kaspersky, Kaspersky Lab, Kaspersky Security, nsa, Russia, Russian FSB, SB Blogwatch, spyware, triangulation, Zero Click Attack, Zero-Click Exploit
“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain ...
Security Boulevard
Holiday Threats Surge as Christmas-Themed Scams Explode
As the winter holidays approach, malicious spammers have ramped up their efforts with a surge of Christmas-themed scams ...
Security Boulevard
Advancing SOAR Technology: Key 2023 Updates in Incident Response Automation
Pierre Noujeim | | Advanced Analytics, Automation, Cybersecurity, Incident Response, MSSP Solutions, MSSPs, Playbook Customization, Role-Based Access Control, security integration, SOAR, SOAR technology, user experience
In 2023, we’ve achieved a remarkable milestone in the cybersecurity landscape by securing 70% of our new business from security teams eager to upgrade from their existing Security Orchestration, Automation, and Response ...
SSH FAIL: Terrapin Attack Smashes ‘Secure’ Shell Spec
Richi Jennings | | Authentication, CBC, ChaCha20, chaves ssh, CVE-2023-48795, libSSH, Man In The Middle, man in the middle attack, man in the middle attacks, mitm, MitM Attack, mitm attack prevention, mitm attacks, openssh, OpenSSH protocol, SB Blogwatch, SSH, Terrapin
Testy Testudine: Lurking vuln in SSH spec means EVERY implementation must build patches ...
Security Boulevard
Mr. Cooper Hackers Stole ~15 Million Users’ Data
Richi Jennings | | breach disclosure, Centex, Jay Bray, mortgage, Mr. Cooper, Nationstar, pii, PII Leakage, PII Protection, SB Blogwatch
Another day, another huge leak: In October, they called it an “outage;” last month, it became a “cybersecurity incident;” now it’s a full-on PII leak ...
Security Boulevard
Controversial SEC Cyber Disclosure Rules Take Effect
They’ve been detailed, debated, and fretted about for months, but as of today, the Securities and Exchange Commission’s new set of rules dictating how and when public companies must disclose “material” cyberattacks ...
Security Boulevard
X/Twitter Under Investigation by EU in First DSA Move
Richi Jennings | | Digital Services Act, Elon Musk, elon musk twitter, eu, European Commission, European Governments, European legislation, European Security, European Union, European Union (EU), Margrethe Vestager, SB Blogwatch, Schrems, Stupidity of Twitter, Thierry Breton, Twitter, X
DSA VLOP Sinks In. Manipulation, deception, transparency: “We will make full use of our toolbox,” promises Europe ...
Security Boulevard