Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App
Tom Eston | | api, Apple, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Exploit, google, Google Privacy Lawsuit, Information Security, Infosec, ios, iPhone, iPhone Exploit, Journal, Journaling, Mobile, Mobile App, New Year, Podcast, Podcasts, Privacy, security, technology, Weekly Edition
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The ...
GKE Case Highlights Risks of Attackers Chaining Vulnerabilities
Palo Alto Network’s cybersecurity recently outlined two vulnerabilities it found in Google Kubernetes Engine (GKE) that, individually, don’t represent much of a threat. However, if a threat actor who already had access ...
Security Boulevard
Google Cloud Report Spotlights 2024 Cybersecurity Challenges
Google Cloud suggests that it will become simpler for cybersecurity teams to leverage AI to better defend IT environments ...
Security Boulevard
Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old
Richi Jennings | | access-token-manipulation, authentication token, Business Associate Agreements, Chrome, chrome 0-day, chrome phishing, Chrome Security, Chromium, Chromium-Based Browsers, Federated Identity, federated sso, google, Google Account, google account security, Google Advanced Protection, infostealer, infostealers, OAuth, oauth 2.0, oauth abuse, Oauth Application Abuse, oauth refresh token, OAuth Token Vunerability, Prisma, Protecting OAuth Tokens, SB Blogwatch, securing oauth
What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability ...
Security Boulevard
Shifting from reCAPTCHA to hCaptcha
We are adding another CAPTCHA vendor and helping our customers migrate from Google’s reCAPTCHA to hCaptcha. Why We Are Making This Change We continuously evaluate our security measures to ensure they align ...
Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly
Tom Eston | | AI, AI-Powered, android, Apple, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Elderly, Episodes, Fraud, google, imessage, Information Security, Infosec, MMS, Podcast, Podcasts, Privacy, RCS, Rich Communication Services, Scams, security, Seniors, SMS, social engineering, technology, Voice Cloning, Weekly Edition
In this episode, Tom shows off AI generated images of a “Lonely and Sad Security Awareness Manager in a Dog Pound” and the humorous outcomes. The conversation shifts to Apple’s upcoming support ...
Google to Force-Block Ad Blockers — Time to Get Firefox?
Richi Jennings | | ad blockers, ad-blocker, ad-blocking, adblock, adblockers, adblocking, adblocks, adtech, Advertising and AdTech, Chrome, Chrome extension, chrome extensions, google, Manifest V3, SB Blogwatch, uBlock Origin
Manifest V3: Destiny. Huge advertising monopoly flexes muscles: “Manifest V2” extensions to be nuked, but “V3” cripples ad blockers ...
Security Boulevard
Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning
Tom Eston | | android, Cyber Security, Cybersecurity, Data breach, Data Privacy, Digital Privacy, Episodes, Fraud, google, Google Play, Google Play Protect, hacked, Information Security, Infosec, Okta, Phishing, Podcast, Podcasts, Privacy, QR code, QR Codes, quishing, Real-time App Analysis, Scams, scanning, security, technology, Weekly Edition
In this episode, we explore the recent Okta breach where hackers obtained sensitive customer data via unauthorized access to the Okta support system. Next, we discuss the emerging threat of “quishing,” a ...
VICTORY: Google WEI ‘Stealth DRM’ Plan is Dead (or is it?)
Richi Jennings | | adtech, attestation, Chrome, digital rights management, DRM, environment attestation, freedom to tinker, google, IntegrityToken, SB Blogwatch, Web Environment Integrity, WebView Media Integrity API, WEI, wmi
WEI is dead — long live WMI: Google backs down on Web Environment Integrity API, but its replacement is also problematic ...
Security Boulevard
Google Expands Bug Bounty Program to Find Generative AI Flaws
Google, a big player in the rapidly expanding world of Ai, is now offer rewards to researchers who find vulnerabilities in its generative AI software. Like Microsoft, Amazon, and other rivals, Google ...
Security Boulevard