Non-profit privacy watchdog noyb (None of Your Business) has filed a formal complaint against Mozilla, accusing the tech company of enabling a controversial tracking feature in its Firefox browser without user consent. The feature, dubbed “Privacy Preserving Attribution” (PPA), was introduced in a recent update and has sparked concern over the browser’s handling of user privacy. Despite its name, the feature allows Firefox to track user behavior across websites—taking control of tracking from individual websites and shifting it to the browser itself. While Mozilla claims this approach is less invasive than traditional cookie tracking, noyb argues that users were not…
Author: ISB Staff Reporter
Hackers have allegedly carried out a second Dell data breach within a week, compromising sensitive internal files via Atlassian tools. Allegedly, data from Jira, Jenkins, and Confluence has been exposed. Dell is currently investigating the initial breach. On 19 September 2024, Hackread.com published a report claiming a Dell data breach involving sensitive information on 10,863 employees. Hot on the heels of that incident, the same hacker responsible for the first breach now alleges that Dell has been breached again. The hacker, using the alias “grep” on the notorious Breach Forums platform, made these claims on 22 September. In the post,…
The PECB Conference 2024 is set to take place from 30 September to 3 October at the Van der Valk Hotel Breukelen in Amsterdam. This annual event will gather global experts, thought leaders, and professionals to explore the latest trends and challenges in cybersecurity, data protection, AI, and regulatory developments such as the EU AI Act. The conference will feature over 25 international speakers and more than 20 interactive sessions, with participants expected from over 100 countries. The agenda will cover a wide range of topics crucial for today’s rapidly evolving digital landscape, providing attendees with valuable insights and practical…
Recognizing that cyber criminals increasingly exploit software vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken the lead with a new resource for software customers—the “Secure by Demand Guide.” The Guide is part of CISA’s ongoing effort to strengthen the cybersecurity resilience of businesses, organizations, and government agencies nationwide. The guide aims to help software customers actively strengthen the security of the software products they acquire. Key Recommendations for Software Customers CISA’s Guide offers software customers several ways to enhance their security through more thoughtful procurement practices. Here are the core takeaways: 1. Prioritize Security as a Key…
Attackers are employing AI-generated scripts, leveraging malvertising to distribute rogue PDF tools, and embedding malware in image files. These developments mark a significant shift in the threat landscape, accelerating the frequency and complexity of cyberattacks. This was revealed by HP’s latest Threat Insights Report, based on data from April to June 2024, which offers valuable information to help businesses stay ahead of cybercriminals’ evolving methods. Key Findings: AI Lowers the Barrier for Cybercriminals HP’s threat research identified that AI-assisted malware development is no longer speculative. A recent campaign targeting French speakers used VBScript and JavaScript scripts, which analysts believe were…
In a troubling development, the Necro Trojan has resurfaced on Google Play, infecting popular applications and reaching millions of Android devices worldwide. Kaspersky’s cybersecurity researchers discovered the Necro malware in various apps, including some available on official app stores like Google Play and others distributed through unofficial websites. This is not the first time Necro has exploited official channels—its previous attack in 2019 impacted over 100 million users. This new wave of infections is similarly alarming, with affected apps reaching over 11 million devices. Malware Hidden in Popular Apps The latest version of the Necro Trojan has been found in…
Red Canary has released a midyear update to its 2024 Threat Detection Report, revealing key cybersecurity trends and evolving threats. Among the most notable findings is the rise of Atomic Stealer, an infostealer targeting macOS devices, which entered the top ten most common threats, ranking at number nine. The report also highlights changes in the top MITRE ATT&CK® techniques, with identity and cloud-native attacks dominating the list. New techniques include Email Hiding Rule, where adversaries exploit compromised accounts by altering email settings to conceal their activities. The report identified three significant changes in the top ten threats over the past…
Social media and video streaming services (SMVSSs), including Amazon, Alphabet-owned YouTube, Meta’s Facebook and TikTok, are engaging in a “vast surveillance of users” to profit off their personal information. The report also raised concerns about the lack of meaningful privacy safeguards for children and teens. “These surveillance practices can endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking,” said FTC Chair Lina Khan in a statement. The findings stem from a special investigation launched in December 2020, targeting nine major companies in the U.S. to understand how their platforms impact…
In a major cyber operation, the U.S. Justice Department announced the successful takedown of a botnet controlled by People’s Republic of China (PRC) state-sponsored hackers. The botnet, dubbed “Raptor Train” by Black Lotus Labs, spanned over 200,000 devices globally. It was linked to hackers working for Integrity Technology Group, a Beijing-based company known in cybersecurity circles as “Flax Typhoon.” It infected various consumer devices like home routers, IP cameras, and DVRs, forming a network that hackers used for malicious activities disguised as normal internet traffic. In response, U.S. authorities launched a court-authorized operation, effectively neutralizing the botnet by sending disabling…
Tensions in Lebanon soared on Wednesday as handheld radios used by Hezbollah fighters exploded across the country’s south, marking the deadliest day since cross-border skirmishes with Israel began nearly a year ago, reported Reuters. The explosions left 20 dead and over 450 injured, according to Lebanon’s health ministry, further stoking fears of a broader conflict with Israel. This latest incident follows a similar wave of blasts on Tuesday when thousands of pagers used by Hezbollah members detonated, killing 12 people, including two children, and wounding nearly 3,000 others. Lebanon’s Red Cross reported a massive response, dispatching 30 ambulance teams to…
