It has been reported that when Apple released iOS 15, a Spanish security researcher disclosed an iPhone lock screen bypass that can be exploited to grant attackers access to a user’s notes. In an interview with The Record, Jose Rodriguez said he published details about the lock screen bypass after Apple downplayed similar lock screen bypass […]
One year ago this Thursday, NIST released a historic update of its security and privacy controls, NIST SP800-53 Revision 5. This update added a new focus on application security by requiring the use of IAST and RASP technology. How have these new guidelines affected application security over the last year?
ITPro is reporting that a critical flaw in vCenter Server could give hackers infrastructure access. Organizations using VMware in their infrastructure have been warned of a critical vulnerability in the analytics service of vCenter Server. This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the […]
When reports recently circulated about Apple’s plans to implement a new feature to automatically scan personal devices for abusive content, the tech giant subsequently backtracked and put the plans on hold. Some of the industry’s top players, including WhatsApp CEO Will Cathcart, weighed in on the measures, voicing concerns over the data privacy and rights […]
BACKGROUND: In a new report “Characterizing Malicious URL Campaigns”, researchers analyzed a data set of 311M records containing 77M URLs that had been submitted to the online virus checking website VirusTotal between December 2019 and January 2020. Key findings: 17M unique pieces of content were flagged; attacks seem rampant in the United States […]
BACKGROUND: Right now there are some very critical VMware vulnerabilities that are ripe for exploitation and have some serious implications for anyone using vCenter. In light of this news, please see a comment from a cybersecurity expert.
BACKGROUND: It has been reported that CISA sent out an advisory yesterday, centered around the Conti ransomware, providing detailed information for the cybersecurity community about the ransomware group and its affiliates. Both CISA and the FBI said they have seen more than 400 attacks involving Conti’s ransomware targeting US organisations as well as international enterprises. The FBI has previously […]
BACKGROUND: Last night Channel 4 reported on how MPs launched an attack on Google and Facebook for failing to tackle online fraud: “MPs have launched a blistering attack on the social media giant Google for failing to tackle online fraud. A member of the Treasury Select Committee accused Google of profiting from advertising fraud. Google says […]
17 of the top 20 UK universities fail to actively block fraudulent emails from reaching recipients. Proofpoint, Inc., a leading cyber security and compliance company, today released research identifying that only 15 percent of the UK’s top 20 universities have implemented the recommended and strictest level of DMARC (Domain-based Message Authentication, Reporting & Conformance) protection, which prevents […]