Hot Topics

Mobile Security

Mobile Security

David Boies, founding partner and chairman of Boies Schiller Flexner, LLP

Chrome’s Incognito Mode Isn’t as Private as You Think — but Google’s Not Sorry

| | adtech, Advertising, Advertising and AdTech, adverts, breach of privacy, browser, browser abuse, Chrome, cookie, Cookie Consent, cookieconsent, cookies, customer privacy, Data Privacy, FLEDGE, FLoC, GOOG, google, Google Ad, Google AdSense, Google advertising, Google Chrome, Google Chrome Security, Incognito, Incognito Mode, Link History, Privacy, Privacy Sandbox, SB Blogwatch, Topics, tracking cookies, web cookie
Short term gain for long term pain? Class action attorney David Boies asked for $5,000 per user, but got nothing—except some assurances Google will delete data it no longer needs ...
Security Boulevard
software supply chain malware

The Cybersecurity Industry Starts Picking Through Malicious XZ Utils Code

| | Linux, open source code, software supply chain attack
The open source community, federal agencies and cybersecurity researchers are busy trying to get their hands around the security near-miss of the backdoor found in versions of the popular XZ Utils data ...
Security Boulevard
phishing cybersecurity

‘Darcula’ PhaaS Campaign Sinks Fangs into Victims

| | Phishing-as-a-Service (PhaaS), postal service, RaaS
A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 ...
Security Boulevard
Multiple, unskippable notifications

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

| | 2fa, 2FA bypass, 2FA Flaws, 2FA phishing, 2FA solution, 2FA/MFA, Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iCloud, Apple ID, Apple ID failure, Apple iOS, Apple iPad, Apple iPhone, bypass 2FA, MFA, MFA Bombing, mfa fatigue, MFA hacks, mfa protection, mfasecurity, Multi-Factor Authentication (MFA), OTP, OTP circumvention bot, OTP interception bot, phishing-resistant MFA, push otp, SB Blogwatch, TOTP, two-factor-authentication.2fa
Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support ...
Security Boulevard
vulnerability zero day

Google: Zero-Day Attacks Rise, Spyware and China are Dangers

| | China-linked Hackers, google-security, spyware, Zero Day Attacks
The number of zero-day vulnerabilities that are exploited jumped in 2023, with enterprises becoming a larger target and spyware vendors and China-backed cyberespionage groups playing an increasingly bigger role, according to Google ...
Security Boulevard
Smokey Bear / This-is-fine crossover

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

| | Brian J. Dunne, class action, class action lawsuit, DeleteFacebook, facebook, facebook fine, free vpn app, Ghostbusters, IAPP, Man In The Middle, man in the middle attack, man in the middle attacks, Mark Zuckerberg, Meta, mitm, MitM Attack, mitm attacks, mitm tool, mitm tools, Onavo, Onavo VPN, SB Blogwatch, Snapchat, SSL Bump, VPN
Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit ...
Security Boulevard
cloud security, cloud, cloud environment, data privacy, data protection, cloud security teams, security, cloud-native, Palo Alto Dell zero trust Network Security multi-cloud zero-trustQualys multi-cloud Wi-Fi 6 access point zero-trust cloud security remote data protection

Navigating the Complexities of Data Privacy: Balancing Innovation and Protection

| | Data Privacy, data protections, GDPR, regulations
As the digital landscape expands exponentially, so do efforts to safeguard personal data, notably through regulations and other actions ...
Security Boulevard
Scary skeletons

Telegram Privacy Nightmare: Don’t Opt In to P2PL

| | 2-step verification, 2fa, 2FA apps, 2FA bypass, 2FA Flaws, 2FA/MFA, Access control and Identity Management, Cloud MFA, digital identity verification, iam, ID verification, MFA, , mfasecurity, Multi-Factor Authentication (MFA), P2P, SB Blogwatch, SMS, SMS messages, SMS Toll Fraud, Telegram, Telegram app, two-factor-authentication.2fa, Verify 2FA
Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service ...
Security Boulevard
China cyberespionage

US, UK Accuse China of Years-Long Cyberespionage Campaign

| | china espionage, Department of Justice (DOJ), UK cybersecurity
The United States, the UK, and other countries this week accused a state-sponsored Chinese threat group of running a massive global hacking campaign for more than a decade that targeted political figures, ...
Security Boulevard
a PRC flag flies in a stiff breeze

China Steals Defense Secrets ‘on Industrial Scale’

| | china, china espionage, China-linked Hackers, Chinese, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Intelligence, Chinese state-sponsored hacking group, Chinese Threat Actors, ConnectWise, ConnectWise Vulnerabilities, CVE-2022-0185, CVE-2022-3052, CVE-2023-22518, CVE-2024-1709, Data Stolen By China, Dawn Calvary, f5, F5 BIG-IP, F5 BIG-IP vulnerability, Genesis Day, gov.uk, Mandiant, MSS, MSS Hackers, Peoples Republic of China, PRC, PRC Espionage, SB Blogwatch, ScreenConnect, Teng Snake, uk, UNC302, UNC5174, Uteus, Xiaoqiying
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
Security Boulevard
Load more